From ${URL} :

poppler 0.22.1 was released without much ado, it however contains various security fixes. The security fixes apparently come from AddressSanitizer work and fuzzing provided by the Google Security Team.

The page: http://j00ru.vexillium.org/?p=1507 explains most of it, and while it focuses on Adobe Acrobat Reader, they also covered poppler testing inside.

So far I see:

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492
Fix invalid memory access in 1150.pdf.asan.8.69

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888
Fix invalid memory access in 2030.pdf.asan.69.463

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa
Fix another invalid memory access in 1091.pdf.asan.72.42

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696
Fix invalid memory accesses in 1091.pdf.asan.72.42

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959
Fix invalid memory accesses in 1036.pdf.asan.23.17

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2
Fix crash in broken file 1031.pdf.asan.48.15

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec
Do not crash in broken documents like 1007.pdf.asan.48.4

http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91
Initialize refLine totally
Fixes uninitialized memory read in 1004.pdf.asan.7.3
All consumers fixed to build, poppler-0.22 unmasked. Let's give this a while in testing and then stabilize.
Arches please stabilize app-text/poppler-0.22.2-r1
Target: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
(In reply to comment #2)
> Arches please stabilize app-text/poppler-0.22.2-r1
>
> Target:
> "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"

=dev-tex/luatex-0.70.1-r2 should be stabilized at the same time.
amd64 stable
x86 stable
arm stable
sparc stable
Arches please wait. This needs reavertm's agreement first.
this broke stable app-text/evince-2.32.0-r4
(In reply to comment #9)
> this broke stable app-text/evince-2.32.0-r4

Sorry about that, glib backend was b0rken. This should be fixed in -r2 now.

Arches please fast-stabilize app-text/poppler-0.22.2-r2
Target: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Stable for HPPA.
(In reply to comment #11)
> Stable for HPPA.

Sorry for the confusion - jer, please stable -0.22.2-r2 too (so I can remove -r1 when all arches are done).
ppc stable
ppc64 stable
alpha stable
sh stable
ia64 stable
s390 stable
CVE-2013-1790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790):
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.

CVE-2013-1789 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789):
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.

CVE-2013-1788 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788):
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/Stream.cc.
All affected versions removed from the tree. Thanks everyone.
Already on existing GLSA draft.
This issue was resolved and addressed in GLSA 201310-03 at http://security.gentoo.org/glsa/glsa-201310-03.xml by GLSA coordinator Sean Amoss (ackle).