UbuntuUpdates.org

Package "poppler-utils"

Name: poppler-utils

Description:

PDF utilities (based on Poppler)
Latest version: 0.18.4-1ubuntu3.2
Release: precise (12.04)
Level: security
Repository: main
Head package: poppler
Homepage: http://poppler.freedesktop.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "poppler-utils"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "poppler-utils" in Precise

Repository Area Version
base main 0.18.4-1ubuntu2
updates main 0.18.4-1ubuntu3.2

Changelog

Version: 0.18.4-1ubuntu3.2 2016-05-02 18:06:42 UTC

  poppler (0.18.4-1ubuntu3.2) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service in pdfseparate via long filename
    - debian/patches/CVE-2013-4473.patch: improve path building in
      utils/pdfseparate.cc.
    - CVE-2013-4473
  * SECURITY UPDATE: denial of service in pdfseparate via string specifiers
    in filename
    - debian/patches/CVE-2013-4474.patch: properly filter filename in
      utils/pdfseparate.cc.
    - CVE-2013-4474
  * SECURITY UPDATE: heap overflow on invalid files
    - debian/patches/CVE-2015-8868.patch: check length of C0 array in
      poppler/Function.cc.
    - CVE-2015-8868

 -- Marc Deslauriers <email address hidden> Fri, 29 Apr 2016 16:08:29 -0400
Source diff to previous version
CVE-2013-4473 Stack-based buffer overflow in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.2 allows remote attackers to cause a denial o
CVE-2013-4474 Format string vulnerability in the extractPages function in utils/pdfseparate.cc in poppler before 0.24.3 allows remote attackers to cause a denial o
CVE-2015-8868 heap overflow

Version: 0.18.4-1ubuntu3.1 2013-04-02 13:07:31 UTC

  poppler (0.18.4-1ubuntu3.1) precise-security; urgency=low

  * SECURITY UPDATE: invalid memory access issues
    - debian/patches/CVE-2013-1788.patch: add checks in poppler/Function.cc,
      poppler/Stream.cc, splash/Splash.cc.
    - CVE-2013-1788
  * SECURITY UPDATE: uninitialized memory read
    - debian/patches/CVE-2013-1790.patch: properly handle refLine in
      poppler/Stream.cc.
    - CVE-2013-1790
 -- Marc Deslauriers <email address hidden> Wed, 27 Mar 2013 09:32:19 -0400
CVE-2013-1788 invalid memory issues
CVE-2013-1790 uninitialized memory read


About   -   Send Feedback to @ubuntu_updates