=========================================================== Ubuntu Security Notice USN-631-1 July 28, 2008 poppler vulnerability CVE-2008-2950 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: libpoppler2 0.6-0ubuntu2.3 Ubuntu 8.04 LTS: libpoppler2 0.6.4-1ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Felipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets. If a user were tricked into viewing a malicious PDF file, a remote attacker could exploit this to crash applications linked against poppler, leading to a denial of service. Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6-0ubuntu2.3.diff.gz Size/MD5: 14304 60e84880ed135ad6962b99a2f70ece45 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6-0ubuntu2.3.dsc Size/MD5: 1217 b0b10708006d1ebafb6429e241d226e5 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.orig.tar.gz Size/MD5: 1228142 96883867572aa1e55e979ec75369c562 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_amd64.deb Size/MD5: 944416 63ce3efe8420ef87d875d0640f7f289e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_amd64.deb Size/MD5: 157220 9edd733b20ab242a619922ead7c7847a http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_amd64.deb Size/MD5: 102236 d5f03ef70234c6cbfbf8a0dd7c95cf50 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_amd64.deb Size/MD5: 80938 2acc7fb66de4c697290ce9a8ab4b8307 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_amd64.deb Size/MD5: 73164 7dc11aed282cac586e446a955b4dc335 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_amd64.deb Size/MD5: 193558 ad541b22e629219c09de6869d39ad8c3 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_amd64.deb Size/MD5: 232848 25241267bb5ef700d444a11c05b9c961 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_amd64.deb Size/MD5: 690898 d595084121dbe420ef93d4744e3ac4f5 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_amd64.deb Size/MD5: 126224 951f2bc9b3c53c128b9121a3c6c3d66c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_i386.deb Size/MD5: 887734 5eb25b39ea0c22eccd5ab4af89e4e4ed http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_i386.deb Size/MD5: 150898 e77a0a19506f8fd6e7e5fc920b5b78a4 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_i386.deb Size/MD5: 100076 8f1d1a787234b7d644f1a1105c7e20ef http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_i386.deb Size/MD5: 77258 7f81da7f6ae2e9fd2ac40f719d4d27e6 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_i386.deb Size/MD5: 72698 5ef2389b711be2cecbcf853b0b691a2e http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_i386.deb Size/MD5: 192304 aa5fec08b8f21a9e676ef7a1132b59ac http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_i386.deb Size/MD5: 222712 b33bd5d0336c93706424f164da057c4f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_i386.deb Size/MD5: 668580 6ec4d78fd49e0adf8e068be8992b131b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_i386.deb Size/MD5: 120860 591a667e48a7ca99ed49ee01ddf86263 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_lpia.deb Size/MD5: 904110 56b8a084f5da0ce5b483deb9145e43c8 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_lpia.deb Size/MD5: 151646 34078b6f1c7dd03b09a9d49c5c781ca9 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_lpia.deb Size/MD5: 100312 46c34f9b71c0d04b03326f73015db564 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_lpia.deb Size/MD5: 77740 08b6929b3048c39df47a9502bafc31d7 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_lpia.deb Size/MD5: 72662 2d208d0aa2e6fcc41a4124f5b1d7db2c http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_lpia.deb Size/MD5: 195288 2031b4483879873311a73cbfdf729a28 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_lpia.deb Size/MD5: 224464 c490f31e6a07a46edc5e1ebb9701c221 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_lpia.deb Size/MD5: 677306 8642fd84565922b7634352db04243c32 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_lpia.deb Size/MD5: 121850 8182b5f099f787d9ed4442bf7872bb30 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 1002844 04578e12f116e510b24b9e0d2d8ee090 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 164740 4d691d9ec4ad1087165cf11fd8e5d264 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 107298 cd6acf76d851f30182bdb1fa05bfcbc3 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 80398 81f8a5a2c956e6f828ae5cb2f9f17490 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 76332 7dc41341770257d938649c48e3d7e9fa http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 199780 6a302f61dbf30c67d98090d7d25a0dbd http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 237526 b1e2c21d1488139dced83c244a497398 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 732008 82591a4bd63db01bc91975509deb2f49 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_powerpc.deb Size/MD5: 141004 22878d01b622f6032c912b215e1606c0 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6-0ubuntu2.3_sparc.deb Size/MD5: 909134 c7e4204e37f323af35fdbc1d097180e1 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6-0ubuntu2.3_sparc.deb Size/MD5: 152728 07fc3f3bb10bb36a870253cd3f79a758 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6-0ubuntu2.3_sparc.deb Size/MD5: 99818 70fba1d4419ceae5c1b478119e04850f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6-0ubuntu2.3_sparc.deb Size/MD5: 76632 99dd6ddc6d32465402f7bf37f9308357 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6-0ubuntu2.3_sparc.deb Size/MD5: 71458 18ccafdfb4dfbea92ea58264845f3e3b http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6-0ubuntu2.3_sparc.deb Size/MD5: 191570 673fa1300b3bc5127149e345e17751da http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6-0ubuntu2.3_sparc.deb Size/MD5: 226710 ae220abf8c8286b532b00b65b4c9a758 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6-0ubuntu2.3_sparc.deb Size/MD5: 674798 5ac9f44a610b2ff43678dec030b9eaf2 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6-0ubuntu2.3_sparc.deb Size/MD5: 120646 ef903a0096285b7f8787ef14c43374cc Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.1.diff.gz Size/MD5: 11034 801fe768d34b19c5fb5d8d876a4b4ebf http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.1.dsc Size/MD5: 1221 35bf3e37bcc90b9b039a173ca6a5731f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 892090 553ff6c4f74074e995de1c4ceadc4374 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 109066 9ac88a1bd737100d2e4dddcb4b4e9d03 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 54810 3a2895f4bfa4cb8be250ba29c98cea58 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 45366 8b8d9c43295b713f015973ae57701381 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 25526 ef379832248c2821003140c48822db9f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 146692 9e77fd6a5ef457923bd773e99b6f4386 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 200584 942ec772345a806de5d6d61e5efe5549 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 644846 236a0a4d87e441b5dd8eec894d7cc208 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_amd64.deb Size/MD5: 79032 3f2b6ea555e027cef9f14e7a1d46ff76 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 836578 16f0cc8ae631624d14091e8853422114 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 102824 179595cf6458285e1a2fd362ed3e9341 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 52320 6d4ed78b515b5447260fcff6abe5362a http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 41766 0e530837303727f8e6be6fd40d0ac78c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 25050 ebbdc3024c22581647aa90d53ef0136c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 143516 ca365941effdd98ea84329b2b5581f3c http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 189228 fc01186e6e77e1882f78de493159b36f http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 619600 d127d527e35d947bc24c7db58d865190 http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_i386.deb Size/MD5: 73694 96f3e39b06f9387cc92bc46444c24639 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 856586 cca2260367e4d36a776d059df1b2db57 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 103760 d38e753b633b9c2a1a63b06459f34099 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 52558 0a8f18c8ee8eb5502bd58000f975f262 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 42182 1d10efadc4695ebbd4ff88123d17df98 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 24804 f7040efc7342bcd8e1b200a74a5590e5 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 145074 387ed2c8f6940de89545f0c96adc606f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 190472 30b8d7f1fbdb8860a24cc71c66b60aca http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 632768 cd3bf5d700c013b250d612c1d1db5a11 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_lpia.deb Size/MD5: 74714 2129c0ed204b2ae04bbea1a70ab43992 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 955022 26ad8c76aa7d6d5baffacb0acb3565a3 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 115788 a0ad5fd01421395daf4664dc00586635 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 58450 a52e1f514efcbcf4ce0fe347e8c3caf3 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 45298 f2f0cf3f252ce7f60876c3ec848bd885 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 28864 6cf7cf00fed312d436163580434a6d21 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 152688 108505a8f59556e0a7ef86a6e69853d7 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 208608 77e7c025d9a6dbb7bf83586c31c94c29 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 681084 8eb4095778c5696983030cb3c9398527 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_powerpc.deb Size/MD5: 94436 0cb05fa30a9f0d5beb1c04921b1b1829 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 857552 38149e8ecc431ca392e1d9554835860f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 104088 8ac009e507e678c542d5fc099b9d847f http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 51390 e2d53e2d16e5b6d9157599e0d42e459e http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 41170 552e12af1774ae3d3eff64869cf2d692 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 23902 863c7c02aef704172afa53cd3f8568c5 http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 145338 7b42f4a00d1bf8beb99dabd7eb2424cf http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 192370 0b530b09e35e68a135c88cc416c81eaf http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 628426 0a8aaa072e34985b91102732443e29d8 http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.1_sparc.deb Size/MD5: 72988 28ca78924531b76c5c32e5da8895492a
Attachment:
signature.asc
Description: Digital signature
-- ubuntu-security-announce mailing list ubuntu-security-announce@xxxxxxxxxxxxxxxx Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce