CVEs have been allocated for a few security issues in poppler:
http://openwall.com/lists/oss-security/2013/10/29/1

There is also CVE-2013-4472 which also affects xpdf, but we'll have to handle that later as there is not a fix available for it yet.

CVE-2013-4473 was fixed in 0.24.2 (already in Cauldron) here:
http://cgit.freedesktop.org/poppler/poppler/diff/utils/pdfseparate.cc?id=b8682d868ddf7f741e93b

CVE-2013-4474 was fixed in 0.24.3 here:
http://cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75
Whiteboard: (none) => MGA3TOO, MGA2TOO
Fixed with poppler-0.22.1-1.1.mga3 but the patch needs to be ported to poppler-0.18.4 in mga2 http://svnweb.mageia.org/packages?view=revision&revision=547921
CC: (none) => oe
And for cauldron, either submit the latest version or patch it to fix CVE-2013-4474. cgit.freedesktop.org/poppler/poppler/commit/?id=61f79b8447c3ac8ab5a26e79e0c28053ffdccf75
Thanks Oden! Hopefully we'll get a backported patch for 0.18.x from another distro. Oden has also requested a freeze push for 0.24.3 for Cauldron.

Uploaded for Mageia 3:
poppler-0.22.1-1.1.mga3
libpoppler34-0.22.1-1.1.mga3
libpoppler-devel-0.22.1-1.1.mga3
libpoppler-cpp0-0.22.1-1.1.mga3
libpoppler-qt4-devel-0.22.1-1.1.mga3
libpoppler-qt4_4-0.22.1-1.1.mga3
libpoppler-glib8-0.22.1-1.1.mga3
libpoppler-gir0.18-0.22.1-1.1.mga3
libpoppler-glib-devel-0.22.1-1.1.mga3
libpoppler-cpp-devel-0.22.1-1.1.mga3

from poppler-0.22.1-1.1.mga3.src.rpm
poppler-0.24.3-1.mga4 has been uploaded for Cauldron.
Version: Cauldron => 3
Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO
Fedora has issued an advisory for this on November 1: https://lists.fedoraproject.org/pipermail/package-announce/2013-November/121297.html
URL: http://openwall.com/lists/oss-security/2013/10/26/1 => http://lwn.net/Vulnerabilities/573532/
Fedora issued an update for Fedora 18 with poppler 0.20.2, so backporting the patches from there to 0.18.4 was easy. The CVE-2013-4473 patch applied cleanly, and the CVE-2013-4474 patch only needed a minor change.

Assigning to QA now.

Advisory:
========================

Updated poppler packages fix security vulnerabilities:

Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploits may result in denial-of-service conditions (CVE-2013-4473).

Poppler was found to have a user controlled format string vulnerability because it fails to sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition (CVE-2013-4474).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474
https://lists.fedoraproject.org/pipermail/package-announce/2013-November/121297.html
========================

Updated packages in core/updates_testing:
========================
poppler-0.18.4-2.3.mga2
libpoppler19-0.18.4-2.3.mga2
libpoppler-devel-0.18.4-2.3.mga2
libpoppler-cpp0-0.18.4-2.3.mga2
libpoppler-qt4-devel-0.18.4-2.3.mga2
libpoppler-qt4-3-0.18.4-2.3.mga2
libpoppler-glib8-0.18.4-2.3.mga2
libpoppler-gir0.18-0.18.4-2.3.mga2
libpoppler-glib-devel-0.18.4-2.3.mga2
libpoppler-cpp-devel-0.18.4-2.3.mga2
poppler-0.22.1-1.1.mga3
libpoppler34-0.22.1-1.1.mga3
libpoppler-devel-0.22.1-1.1.mga3
libpoppler-cpp0-0.22.1-1.1.mga3
libpoppler-qt4-devel-0.22.1-1.1.mga3
libpoppler-qt4_4-0.22.1-1.1.mga3
libpoppler-glib8-0.22.1-1.1.mga3
libpoppler-gir0.18-0.22.1-1.1.mga3
libpoppler-glib-devel-0.22.1-1.1.mga3
libpoppler-cpp-devel-0.22.1-1.1.mga3

from SRPMS:
poppler-0.18.4-2.3.mga2.src.rpm
poppler-0.22.1-1.1.mga3.src.rpm
Assignee: bugsquad => qa-bugs
Severity: normal => major
Procedure: https://bugs.mageia.org/show_bug.cgi?id=9390#c3
Whiteboard: MGA2TOO => MGA2TOO has_procedure
Advisory uploaded. Please remove 'advisory' tag from whiteboard if anything changes.
Whiteboard: MGA2TOO has_procedure => MGA2TOO has_procedure advisory
Testing complete mga2 32
Whiteboard: MGA2TOO has_procedure advisory => MGA2TOO has_procedure advisory mga2-32-ok
Testing complete mga2 64
Whiteboard: MGA2TOO has_procedure advisory mga2-32-ok => MGA2TOO has_procedure advisory mga2-32-ok mga2-64-ok
Testing complete mga3 32 & 64

Validating.

Could sysadmin please push from 2&3 core/updates_testing to updates?

Thanks!
Keywords: (none) => validated_update
Whiteboard: MGA2TOO has_procedure advisory mga2-32-ok mga2-64-ok => MGA2TOO has_procedure advisory mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok
CC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0332.html
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED