Summary: | <app-text/poppler-0.14.4: Multiple Vulnerabilities (CVE-2010-{3702,3703,3704}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://secunia.com/advisories/41596/ | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 341303 | ||
Bug Blocks: |
Description
Tim Sammut (RETIRED)
2010-09-27 06:07:27 UTC
All mentioned commits apart from http://cgit.freedesktop.org/poppler/poppler/commit/?id=c6a091512745771894b54a71613fd6b5ca1adcb3 (memleak) are backported to 0.14 branch and present in 0.14.4 I just commited to tree. Arches, please test and mark stable: =app-text/poppler-0.14.4 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" amd64 done x86 stable ppc done arm stable Does not compile on alpha: [ 97%] Building CXX object cpp/CMakeFiles/poppler-cpp.dir/poppler-private.cpp.o /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp: In member function 'poppler::byte_array poppler::ustring::to_utf8() const': /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:103: error: invalid conversion from 'const char**' to 'char**' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:103: error: initializing argument 2 of 'size_t iconv(void*, char**, size_t*, char**, size_t*)' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:109: error: invalid conversion from 'const char**' to 'char**' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:109: error: initializing argument 2 of 'size_t iconv(void*, char**, size_t*, char**, size_t*)' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp: In static member function 'static poppler::ustring poppler::ustring::from_utf8(const char*, int)': /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:154: error: invalid conversion from 'const char**' to 'char**' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:154: error: initializing argument 2 of 'size_t iconv(void*, char**, size_t*, char**, size_t*)' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:160: error: invalid conversion from 'const char**' to 'char**' /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp:160: error: initializing argument 2 of 'size_t iconv(void*, char**, size_t*, char**, size_t*)' distcc[10971] ERROR: compile /var/tmp/portage/app-text/poppler-0.14.4/work/poppler-0.14.4/cpp/poppler-global.cpp on localhost failed tracking bug is 341303 Stable for HPPA. ia64/s390/sh/sparc stable Stable on alpha. ppc64 done Thanks, folks. GLSA together with bug 263028. No vulnerable version left in tree. Nothing to do for kde here anymore. CVE-2010-3703 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703): The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference. Will anyone still read this GLSA if it ever comes out? Come on, stable is poppler-0.20 by now. This issue was resolved and addressed in GLSA 201310-03 at http://security.gentoo.org/glsa/glsa-201310-03.xml by GLSA coordinator Sean Amoss (ackle). |