okular-4.10.5-8.el7
エラータID: AXSA:2020-4545:01
リリース日:
2020/04/02 Thursday - 05:47
題名:
okular-4.10.5-8.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- okular の core/document.cpp の unpackDocumentArchive(...) 関数にはディレクトリ
トラバーサルの問題があり、ユーザが巧妙に細工された Okular アーカイブを開くことにより、
ユーザのワークステーション上で任意のファイルを作成できる脆弱性があります。
(CVE-2018-1000801)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-1000801
okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1
okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1
追加情報:
N/A
ダウンロード:
SRPMS
- okular-4.10.5-8.el7.src.rpm
MD5: 41cfb32f10f0c4ef06d92c1e401f4459
SHA-256: 14cb218dd43ac2e3eb7f9f2d93218441a72f04d8ad937e5a4f91e60c129af1fa
Size: 1.34 MB
Asianux Server 7 for x86_64
- okular-4.10.5-8.el7.x86_64.rpm
MD5: 2d5c96256c89ec1a268a1082839ddf44
SHA-256: 70b1ba7c4cb53ad54fd6f560116beb7dac7908fbbc47a622945c80b5e90860b9
Size: 413.09 kB - okular-devel-4.10.5-8.el7.x86_64.rpm
MD5: deb2f3ba86938daa643699105194f891
SHA-256: eec7c5dd7a7df9c47f5fea83816bb3eb70f7b80bf82ea5598f797fe0f70cc6f8
Size: 48.12 kB - okular-libs-4.10.5-8.el7.x86_64.rpm
MD5: 415edbc3198a13bdaa10aa67db5927d4
SHA-256: 49cd9e998c1b9d868c38ffeead62ddb5bf6c56dce4387c4ecb1cacd6c3266ee2
Size: 228.44 kB - okular-part-4.10.5-8.el7.x86_64.rpm
MD5: 239115c023ac03ce6ad2711e7042a4bc
SHA-256: 39f5174f5169ca8c5280003955b66ca377b97e7eab974548b810b310a9e83262
Size: 838.79 kB - okular-devel-4.10.5-8.el7.i686.rpm
MD5: 8e5b8258ed4dbe4fc2170afb36978338
SHA-256: 44b35166f4c2e2dbe9d07251cdb8621441ec9b20ec6a1d28871a5fc6f91b430d
Size: 48.16 kB - okular-libs-4.10.5-8.el7.i686.rpm
MD5: 2fb9169cada4869b254367019b6ca2ad
SHA-256: 7d0178320dd9f85a45110b62feb7126b8179a9b4b88550f2baa1233673e26c23
Size: 237.28 kB
English