evince-3.28.2-9.el7, poppler-0.26.5-42.el7
Errata ID: AXSA:2020-4565:01
Release date:
2020/04/02 Thursday - 08:38
Title:
evince-3.28.2-9.el7, poppler-0.26.5-42.el7
Affected channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
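The following issues have been addressed.
[Security Fix]
- poppler has an integer overflow vulnerability in Parser::makeStream in Parser.cc. (CVE-2018-21009)
- poppler has a heap-based buffer over-read vulnerability in the PSOutputDev::checkPageSlice function in PSOutputDev.cc. (CVE-2019-10871)
- The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend of GNOME Evince have a vulnerability that leads to the use of uninitialized memory when processing TIFF image files. (CVE-2019-11459)
- poppler has a heap-based buffer over-read vulnerability in JPXStream::init in JPEG2000Stream.cc, triggered by data with inconsistent heights or widths. (CVE-2019-12293)
- The JPXStream::init function in poppler does not check for negative values of the stream length, which leads to an integer overflow; as demonstrated by pdftocairo, this makes it possible to allocate a large memory chunk on the heap with a size controlled by an attacker. (CVE-2019-9959)
The translated text for some CVEs is quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.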
CVE:
CVE-2019-10871
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
CVE-2019-11459
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
CVE-2019-12293
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
CVE-2019-9959
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
Additional information:
N/A
Downloads:
SRPMS
- evince-3.28.2-9.el7.src.rpm
Size: 3.28 MB
- poppler-0.26.5-42.el7.src.rpm
Size: 1.59 MB
Asianux Server 7 for x86_64
- evince-3.28.2-9.el7.x86_64.rpm
Size: 2.27 MB
- evince-dvi-3.28.2-9.el7.x86_64.rpm
Size: 95.12 kB
- evince-libs-3.28.2-9.el7.x86_64.rpm
Size: 390.41 kB
- evince-nautilus-3.28.2-9.el7.x86_64.rpm
Size: 41.12 kB
- poppler-0.26.5-42.el7.x86_64.rpm
Size: 786.32 kB
- poppler-glib-0.26.5-42.el7.x86_64.rpm
Size: 140.00 kB
- poppler-qt-0.26.5-42.el7.x86_64.rpm
Size: 168.35 kB
- poppler-utils-0.26.5-42.el7.x86_64.rpm
Size: 169.00 kB
- evince-libs-3.28.2-9.el7.i686.rpm
Size: 392.20 kB
- poppler-0.26.5-42.el7.i686.rpm
Size: 782.58 kB
- poppler-glib-0.26.5-42.el7.i686.rpm
Size: 139.94 kB
- poppler-qt-0.26.5-42.el7.i686.rpm
Size: 172.02 kB