Home / vulnerabilitiesPDF  

USN-631-1.txt

Posted on 29 July 2008
Source : packetstormsecurity.org Link

 

===========================================================
Ubuntu Security Notice USN-631-1 July 28, 2008
poppler vulnerability
CVE-2008-2950
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
libpoppler2 0.6-0ubuntu2.3

Ubuntu 8.04 LTS:
libpoppler2 0.6.4-1ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Felipe Andres Manzano discovered that poppler did not correctly initialize
certain page widgets. If a user were tricked into viewing a malicious
PDF file, a remote attacker could exploit this to crash applications
linked against poppler, leading to a denial of service.


Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6-0ubuntu2.3.diff.gz
Size/MD5: 14304 60e84880ed135ad6962b99a2f70ece45
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6-0ubuntu2.3.dsc
Size/MD5: 1217 b0b10708006d1ebafb6429e241d226e5
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.orig.tar.gz
Size/MD5: 1228142 96883867572aa1e55e979ec75369c562

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 944416 63ce3efe8420ef87d875d0640f7f289e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 157220 9edd733b20ab242a619922ead7c7847a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 102236 d5f03ef70234c6cbfbf8a0dd7c95cf50
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 80938 2acc7fb66de4c697290ce9a8ab4b8307
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 73164 7dc11aed282cac586e446a955b4dc335
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 193558 ad541b22e629219c09de6869d39ad8c3
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 232848 25241267bb5ef700d444a11c05b9c961
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 690898 d595084121dbe420ef93d4744e3ac4f5
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_amd64.deb
Size/MD5: 126224 951f2bc9b3c53c128b9121a3c6c3d66c

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_i386.deb
Size/MD5: 887734 5eb25b39ea0c22eccd5ab4af89e4e4ed
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_i386.deb
Size/MD5: 150898 e77a0a19506f8fd6e7e5fc920b5b78a4
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_i386.deb
Size/MD5: 100076 8f1d1a787234b7d644f1a1105c7e20ef
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_i386.deb
Size/MD5: 77258 7f81da7f6ae2e9fd2ac40f719d4d27e6
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_i386.deb
Size/MD5: 72698 5ef2389b711be2cecbcf853b0b691a2e
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_i386.deb
Size/MD5: 192304 aa5fec08b8f21a9e676ef7a1132b59ac
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_i386.deb
Size/MD5: 222712 b33bd5d0336c93706424f164da057c4f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_i386.deb
Size/MD5: 668580 6ec4d78fd49e0adf8e068be8992b131b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_i386.deb
Size/MD5: 120860 591a667e48a7ca99ed49ee01ddf86263

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 904110 56b8a084f5da0ce5b483deb9145e43c8
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 151646 34078b6f1c7dd03b09a9d49c5c781ca9
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 100312 46c34f9b71c0d04b03326f73015db564
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 77740 08b6929b3048c39df47a9502bafc31d7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 72662 2d208d0aa2e6fcc41a4124f5b1d7db2c
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 195288 2031b4483879873311a73cbfdf729a28
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 224464 c490f31e6a07a46edc5e1ebb9701c221
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 677306 8642fd84565922b7634352db04243c32
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_lpia.deb
Size/MD5: 121850 8182b5f099f787d9ed4442bf7872bb30

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 1002844 04578e12f116e510b24b9e0d2d8ee090
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 164740 4d691d9ec4ad1087165cf11fd8e5d264
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 107298 cd6acf76d851f30182bdb1fa05bfcbc3
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 80398 81f8a5a2c956e6f828ae5cb2f9f17490
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 76332 7dc41341770257d938649c48e3d7e9fa
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 199780 6a302f61dbf30c67d98090d7d25a0dbd
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 237526 b1e2c21d1488139dced83c244a497398
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 732008 82591a4bd63db01bc91975509deb2f49
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_powerpc.deb
Size/MD5: 141004 22878d01b622f6032c912b215e1606c0

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 909134 c7e4204e37f323af35fdbc1d097180e1
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 152728 07fc3f3bb10bb36a870253cd3f79a758
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 99818 70fba1d4419ceae5c1b478119e04850f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 76632 99dd6ddc6d32465402f7bf37f9308357
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 71458 18ccafdfb4dfbea92ea58264845f3e3b
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 191570 673fa1300b3bc5127149e345e17751da
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 226710 ae220abf8c8286b532b00b65b4c9a758
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 674798 5ac9f44a610b2ff43678dec030b9eaf2
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_sparc.deb
Size/MD5: 120646 ef903a0096285b7f8787ef14c43374cc

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.1.diff.gz
Size/MD5: 11034 801fe768d34b19c5fb5d8d876a4b4ebf
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.1.dsc
Size/MD5: 1221 35bf3e37bcc90b9b039a173ca6a5731f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz
Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 892090 553ff6c4f74074e995de1c4ceadc4374
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 109066 9ac88a1bd737100d2e4dddcb4b4e9d03
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 54810 3a2895f4bfa4cb8be250ba29c98cea58
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 45366 8b8d9c43295b713f015973ae57701381
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 25526 ef379832248c2821003140c48822db9f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 146692 9e77fd6a5ef457923bd773e99b6f4386
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 200584 942ec772345a806de5d6d61e5efe5549
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 644846 236a0a4d87e441b5dd8eec894d7cc208
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_amd64.deb
Size/MD5: 79032 3f2b6ea555e027cef9f14e7a1d46ff76

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 836578 16f0cc8ae631624d14091e8853422114
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 102824 179595cf6458285e1a2fd362ed3e9341
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 52320 6d4ed78b515b5447260fcff6abe5362a
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 41766 0e530837303727f8e6be6fd40d0ac78c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 25050 ebbdc3024c22581647aa90d53ef0136c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 143516 ca365941effdd98ea84329b2b5581f3c
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 189228 fc01186e6e77e1882f78de493159b36f
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 619600 d127d527e35d947bc24c7db58d865190
http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_i386.deb
Size/MD5: 73694 96f3e39b06f9387cc92bc46444c24639

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 856586 cca2260367e4d36a776d059df1b2db57
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 103760 d38e753b633b9c2a1a63b06459f34099
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 52558 0a8f18c8ee8eb5502bd58000f975f262
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 42182 1d10efadc4695ebbd4ff88123d17df98
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 24804 f7040efc7342bcd8e1b200a74a5590e5
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 145074 387ed2c8f6940de89545f0c96adc606f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 190472 30b8d7f1fbdb8860a24cc71c66b60aca
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 632768 cd3bf5d700c013b250d612c1d1db5a11
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_lpia.deb
Size/MD5: 74714 2129c0ed204b2ae04bbea1a70ab43992

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 955022 26ad8c76aa7d6d5baffacb0acb3565a3
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 115788 a0ad5fd01421395daf4664dc00586635
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 58450 a52e1f514efcbcf4ce0fe347e8c3caf3
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 45298 f2f0cf3f252ce7f60876c3ec848bd885
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 28864 6cf7cf00fed312d436163580434a6d21
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 152688 108505a8f59556e0a7ef86a6e69853d7
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 208608 77e7c025d9a6dbb7bf83586c31c94c29
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 681084 8eb4095778c5696983030cb3c9398527
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_powerpc.deb
Size/MD5: 94436 0cb05fa30a9f0d5beb1c04921b1b1829

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 857552 38149e8ecc431ca392e1d9554835860f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 104088 8ac009e507e678c542d5fc099b9d847f
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 51390 e2d53e2d16e5b6d9157599e0d42e459e
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 41170 552e12af1774ae3d3eff64869cf2d692
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 23902 863c7c02aef704172afa53cd3f8568c5
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 145338 7b42f4a00d1bf8beb99dabd7eb2424cf
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 192370 0b530b09e35e68a135c88cc416c81eaf
http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 628426 0a8aaa072e34985b91102732443e29d8
http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_sparc.deb
Size/MD5: 72988 28ca78924531b76c5c32e5da8895492a

 

TOP