Fedora 9 Security Update: poppler-0.8.1-2.fc9

Submitted by chantra on Thu, 08/07/2008 - 22:15

Resolved Bugs456867 - Poppler needs updating to 0.8.4 to avoid frequent crashes on upstream 536482454289 - CVE-2008-2950 poppler: uninitialized pointer free (oCERT-2008-007) [Fedora 9]457869 - CVE-2008-2950 affects all versions of poppler prior to 0.8.5454277 - CVE-2008-2950 poppler: uninitialized pointer free (oCERT-2008-007)448516 - Crash when opening a specific PDFSecurity fix:
Add upstream patch for CVE-2008-2950 / oCERT-2008-007 - use of
an uninitialized pointer to call free() in Page::~Page (#454277)
http://www.ocert.org/advisories/ocert-2008-007.html
Bug fixes:
Fix crash when reading QuadPoints (#448516)
Use static FT_Library in CairoOutputDev, as dynamic may trigger
use-after-free and crash e.g. evince (#456867)

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Propeller
  • Reddit
  • Magnoliacom
  • Newsvine
  • Furl
  • Facebook
  • Google
  • Yahoo
  • Technorati
  • Icerocket