Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 216850
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 216850 depends on: 201448 Show dependency tree
Bug 216850 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2008-04-08 10:04 0000 
xpdf / poppler does not type-check the the "stream" object before dereferencing
a function from it, allowing for arbitrary code execution via pdf files with
embedded fonts.

We have quite some places where this needs fixing. Embargo date is April, 15
currently.

------- Comment #1 From Daniel Gryniewicz 2008-04-10 18:33:05 0000 ------- 
I'm waiting for some indication of how to fix this...

------- Comment #2 From Robert Buchholz 2008-04-10 21:26:41 0000 ------- 
A patch was introduced in the 0.6.2 release, and is available here:
http://gitweb.freedesktop.org/?p=poppler/poppler.git;a=commitdiff;h=1a531dcfee1c6fc79a414c38cbe7327fbf9a59d8


Arch Security Liaisons, please test and mark stable:
=app-text/poppler-0.6.3
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh
sparc x86"

CC'ing current Liaisons:
   alpha : ferdy
   amd64 : welp
    hppa : jer
     ppc : dertobi123
   ppc64 : corsair
 release : pva
   sparc : fmccor
     x86 : opfer

------- Comment #3 From Robert Buchholz 2008-04-10 22:15:45 0000 ------- 
dang, anything that can be done about bug 201448 beforehand?

------- Comment #4 From Robert Buchholz 2008-04-10 22:19:36 0000 ------- 
As it seems, neither KPDF nor TeX are affected, because both had the
cairo-related code paths removed.

------- Comment #5 From Daniel Gryniewicz 2008-04-10 23:05:13 0000 ------- 
I'll take a look.  I don't have anything with qt, so it will take a bit.

------- Comment #6 From Daniel Gryniewicz 2008-04-11 00:23:57 0000 ------- 
Okay, bug 201448 is fixed.

------- Comment #7 From Jeroen Roovers 2008-04-12 13:41:44 0000 ------- 
Probably a good idea to test and mark app-text/poppler-bindings-0.6.3 stable in
the same go.

------- Comment #8 From Jeroen Roovers 2008-04-12 14:01:06 0000 ------- 
Stable for HPPA:
   =app-text/poppler-0.6.3
   =app-text/poppler-bindings-0.6.3

Anything else? :)

------- Comment #9 From Raúl Porcel 2008-04-12 21:15:49 0000 ------- 
alpha/ia64/sparc/x86 stable

------- Comment #10 From Markus Rothe 2008-04-14 06:01:18 0000 ------- 
ppc64 stable

------- Comment #11 From Markus Meier 2008-04-14 21:00:05 0000 ------- 
amd64 stable

------- Comment #12 From Robert Buchholz 2008-04-17 11:25:43 0000 ------- 
ppc stable (proxy commit for dertobi123)

------- Comment #13 From Robert Buchholz 2008-04-17 11:27:24 0000 ------- 
Lifting embargo since the agreed date has passed.

Arches, please test and mark stable:
=app-text/poppler-0.6.3
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh
sparc x86"
Already stabled : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Missing keywords: "arm m68k release s390 sh"

------- Comment #14 From Robert Buchholz 2008-04-17 12:36:51 0000 ------- 
GLSA 200804-18

------- Comment #15 From Peter Volkov 2008-04-21 07:50:35 0000 ------- 
Fixed in release snapshot.

------- Comment #16 From Robert Buchholz 2008-05-11 15:50:36 0000 ------- 
*** Bug 221297 has been marked as a duplicate of this bug. ***
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug