KDE has issued an advisory on March 12: https://kde.org/info/security/advisory-20200312-1.txt The issue is fixed upstream in 20.04.0. The upstream patch that fixed the issue is linked in the message above. Mageia 7 is also affected.
Status comment: (none) => Patch available from upstreamWhiteboard: (none) => MGA7TOO
Done for both Cauldron and mga7!
CC: (none) => geiger.david68210
Advisory: ======================== Updated okular packages fix security vulnerability: Okular can be tricked into executing local binaries via specially crafted PDF files. This binary execution can require almost no user interaction. No parameters can be passed to those local binaries (CVE-2020-9359). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9359 https://kde.org/info/security/advisory-20200312-1.txt ======================== Updated packages in core/updates_testing: ======================== okular-19.04.0-1.1.mga7 okular-handbook-19.04.0-1.1.mga7 libokularcore9-19.04.0-1.1.mga7 okular-devel-19.04.0-1.1.mga7 from okular-19.04.0-1.1.mga7.src.rpm
Status comment: Patch available from upstream => (none)Whiteboard: MGA7TOO => (none)Version: Cauldron => 7Assignee: kde => qa-bugs
Core i5-2500, Integrated Intel graphics, 64-bit Plasma system. Packages installed cleanly. Read several pdfs and printed one, also read a Postscript file. Everything worked as it should.
CC: (none) => andrewsfarmWhiteboard: (none) => MGA7-64-OK
Forgot to mention, checked the "forms" function on a couple of fill-in tax forms, as well.
Dell Dimension e520, Core 2 Quad 6600, Radeon HD 8490 graphics, 32-bit Plasma system. Packages installed cleanly. Performed the same tests as in Comments 3 and 4, with the exception of printing, with the same results. I'd say this is good to go. Validating. Advisory information in Comment 2.
CC: (none) => sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: MGA7-64-OK => MGA7-64-OK MGA7-32-OK
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0145.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED