poppler-0.26.5-17.el7

エラータID: AXSA:2017-2054:01

Release date: 
Wednesday, September 6, 2017 - 02:32
Subject: 
poppler-0.26.5-17.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.

Security Fix(es):

* A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. (CVE-2017-9775)

* An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. (CVE-2017-9776)

CVE-2017-9775
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before
0.56 allows remote attackers to cause a denial of service (application
crash) via a crafted PDF document.
CVE-2017-9776
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in
pdftocairo in Poppler before 0.56 allows remote attackers to cause a
denial of service (application crash) or possibly have unspecified
other impact via a crafted PDF document.

Solution: 

Update packages.

CVEs: 
CVE-2017-9775
Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.
CVE-2017-9776
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
Additional Info: 

N/A

Download: 

SRPMS
  1. poppler-0.26.5-17.el7.src.rpm
    MD5: ca1467b1f9fa78086cbee88f1a47b68b
    SHA-256: a6a1e3ce8721d225492b61b3180350df67c5805ff6ec964a111da8c5220a8f6d
    Size: 1.56 MB

Asianux Server 7 for x86_64
  1. poppler-0.26.5-17.el7.x86_64.rpm
    MD5: 98ce5a33e87b62d56da4cb062fd91c8d
    SHA-256: f85f6a71c86e233515c854cfbe5f35ed0bdf7d5d701abd56d198d08376722168
    Size: 782.14 kB
  2. poppler-glib-0.26.5-17.el7.x86_64.rpm
    MD5: a7b44efb719952d5c5ac4c6f3c1829b1
    SHA-256: 52e52d1dcff9efb1bef5cc58500ed227587658378bdf4b0f9c9d0e68bc3d5f6f
    Size: 135.74 kB
  3. poppler-qt-0.26.5-17.el7.x86_64.rpm
    MD5: c588cb370bba709c624b198875a96001
    SHA-256: b2d10efe3352298ef8bd6c9da1657fa4fcd1d36db016f15fd9e37c2c3f223579
    Size: 164.97 kB
  4. poppler-utils-0.26.5-17.el7.x86_64.rpm
    MD5: 9604fe3dc34115a85cc6e62e98e1088c
    SHA-256: 690285cdf75a68ee614f5df32fb8d72c8bd48a0c5f342c67f78042245dba4da9
    Size: 166.65 kB
  5. poppler-0.26.5-17.el7.i686.rpm
    MD5: c641a8b4cf713fdf6357cf76fe029979
    SHA-256: 13b6b29c76fd66b051e9b2cc8f887834b94bc2cd47efd2d652ac8a5b3961ae97
    Size: 778.00 kB
  6. poppler-glib-0.26.5-17.el7.i686.rpm
    MD5: f2a042dcb888b90b47d5333e659b04e3
    SHA-256: 222315e6ceebd1c9b968eb22f41e65b4dbfaa7a4649e520334f6a40af06d2800
    Size: 135.32 kB
  7. poppler-qt-0.26.5-17.el7.i686.rpm
    MD5: c97870022d0c5f7c89ddaf9f88a3a1e8
    SHA-256: 3aa718a38e7eace7ef6de8034ddcc4fc2f28440bf92335ddb449608a3e51c4f9
    Size: 168.57 kB