[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1562-1] poppler security update

Package        : poppler
Version        : 0.26.5-2+deb8u5
CVE ID         : CVE-2017-18267 CVE-2018-10768 CVE-2018-13988 CVE-2018-16646
Debian Bug     : 898357 909802

Various security issues were discovered in the poppler PDF rendering
shared library.


    The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler
    through 0.64.0 allows remote attackers to cause a denial of service
    (infinite recursion) via a crafted PDF file, as demonstrated by

    The applied fix in FoFiType1C::cvtGlyph prevents infinite recursion
    on such malformed documents.


    A NULL pointer dereference in the AnnotPath::getCoordsLength function
    in Annot.h in Poppler 0.24.5 had been discovered. A crafted input
    will lead to a remote denial of service attack. Later versions of
    Poppler such as 0.41.0 are not affected.

    The applied patch fixes the crash on AnnotInk::draw for malformed


    Poppler through 0.62 contains an out of bounds read vulnerability due
    to an incorrect memory access that is not mapped in its memory space,
    as demonstrated by pdfunite. This can result in memory corruption and
    denial of service. This may be exploitable when a victim opens a
    specially crafted PDF file.

    The applied patch fixes crashes when Object has negative number.
    (Specs say, number has to be > 0 and gen >= 0).

    For Poppler in Debian jessie, the original upstream patch has been
    backported to Poppler's old Object API.


    In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may
    cause infinite recursion via a crafted file. A remote attacker can
    leverage this for a DoS attack.

    A range of upstream patches has been applied to Poppler's XRef.cc in
    Debian jessie to consolidate a fix for this issue.

For Debian 8 "Jessie", these problems have been fixed in version

We recommend that you upgrade your poppler packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunweaver@debian.org, http://sunweavers.net

Attachment: signature.asc
Description: PGP signature

Reply to: