evince-3.28.4-11.el8, poppler-20.11.0-2.el8

エラータID: AXSA:2021-2105:01

Release date: 
Tuesday, June 29, 2021 - 15:08
Subject: 
evince-3.28.4-11.el8, poppler-20.11.0-2.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

The evince packages provide a simple multi-page document viewer for Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS) files, and, with additional back-ends, also the Device Independent File format (DVI) files.

The following packages have been upgraded to a later upstream version: poppler (20.11.0).

Security Fix(es):

* poppler: pdftohtml: access to uninitialized pointer could lead to DoS (CVE-2020-27778)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.

Solution: 

Update packages.

CVEs: 
CVE-2020-27778
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
Additional Info: 

N/A

Download: 

SRPMS
  1. evince-3.28.4-11.el8.src.rpm
    MD5: 9074148af51bb00bcfae63c368f454bd
    SHA-256: 8a78211e231f190d02aa7e48268a8880173ada1cb8d3c28b031e8ad88f8a3a85
    Size: 2.15 MB
  2. poppler-20.11.0-2.el8.src.rpm
    MD5: 898a9d5ccb877e5dbc059640f1beb315
    SHA-256: 9411ed9838b7f5221725e3219c6714a5153a0320fae772d0b6df82552009b794
    Size: 4.27 MB

Asianux Server 8 for x86_64
  1. evince-3.28.4-11.el8.x86_64.rpm
    MD5: 25b8f718a1e82792e9441b8610961bac
    SHA-256: 1c1e22108cd19bfe3cfcdaa22f929b2f71322db6baf83690c09663228473284b
    Size: 1.61 MB
  2. evince-browser-plugin-3.28.4-11.el8.x86_64.rpm
    MD5: 94276f7b2652351cf405390ec128f5df
    SHA-256: 6e78f500a0f4d4516212071235824d0f1e059af974bad483ea2f40d1715698f7
    Size: 67.96 kB
  3. evince-libs-3.28.4-11.el8.x86_64.rpm
    MD5: 5d117fbe001daf107c2759731136ecbb
    SHA-256: f9f2c079048de0486abf64a68e9db80f8a739204775b477928df32b6b66cb0f2
    Size: 398.41 kB
  4. evince-nautilus-3.28.4-11.el8.x86_64.rpm
    MD5: bb74d909d18ee2994ec77147cb04013f
    SHA-256: 939062d2af3ea89cc07a4b947aaea30615125652b46752d64970c251107a2a77
    Size: 48.07 kB
  5. poppler-20.11.0-2.el8.x86_64.rpm
    MD5: 8657dcb33e37e9711ac71712b0c8bd5a
    SHA-256: 765eb256c2bbfb4a9d1a11bbfd73041cbc591bf257b1c6e575a2422d98d87ec6
    Size: 1.06 MB
  6. poppler-glib-20.11.0-2.el8.x86_64.rpm
    MD5: 65934dd67c95948fa2bca85a6d01872d
    SHA-256: 8029b213aeec7ecf9f867148308939edbe319ebcfa6b1954463c49d5c5d0a2c1
    Size: 172.84 kB
  7. poppler-utils-20.11.0-2.el8.x86_64.rpm
    MD5: 5e4513625f2220c76fdfa2e7f216b824
    SHA-256: 1e1da8a4ba193ef424b5b0d04c2b9fb025a99d69298355a6e79a02dd212f8900
    Size: 246.46 kB
  8. evince-libs-3.28.4-11.el8.i686.rpm
    MD5: d3f1e4d2a799341a84500c26786b9cab
    SHA-256: b118b6cb6ee83c3e3374de92f1d45f2cbcd50c24be4849bec19606631ba6c142
    Size: 429.74 kB
  9. poppler-20.11.0-2.el8.i686.rpm
    MD5: b59447dc67168e93b1237747fa83cd29
    SHA-256: 0ee80b418285c575464d194a13708e197cf17c7339265fca6868cba78ec56773
    Size: 1.11 MB
  10. poppler-glib-20.11.0-2.el8.i686.rpm
    MD5: 1e0dce34e532fc5a3c7317bb6235f0d5
    SHA-256: ef6eb9c3c9ce525eb7a2ba3088810a3c55400fff3fc57b98c398c59e68ecb132
    Size: 181.39 kB