Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in poppler (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in poppler (Aktualisierung)
ID: DSA-4079-2
Distribution: Debian
Plattformen: Debian jessie
Datum: Do, 12. April 2018, 16:39
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
Update von: Mehrere Probleme in poppler

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4079-2 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
April 12, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : poppler
CVE ID : CVE-2017-9776
Debian Bug : 890826

It was discovered that the poppler upload for the oldstable distribution
(jessie), released as DSA-4079-1, did not correctly address
CVE-2017-9776 and additionally caused regressions when rendering PDFs
embedding JBIG2 streams. Updated packages are now available to correct
this issue.

For the oldstable distribution (jessie), this problem has been fixed
in version 0.26.5-2+deb8u4.

We recommend that you upgrade your poppler packages.

For the detailed security status of poppler please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/poppler

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlrPX7hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RTwg/7Bmho3vLAxQs0z/Sn2c4WDLzAlzeQ4g5ObCoWmN/fa+Hn5fDoG5Vi2aaC
MHiG0XRM058pCd6+MOy4QwIt5rZfabLJHbKMlmn7yHDWNYQNDMyo6ILxet1IRled
1uG9ReHemdTxn0zdLKP5BS8ZQDQs1+KIinZApB/8/G+Q2n4ZHjIiOk15cTKP7U7J
xuzS4G+XefLPlyvC26dTq4cTubJ7PUCIEHk5QXUJgu7IONskQEpJhsJu44YnmWMO
V9yNitwiHc0r5YHi3+U6hdPHOd0m88AckVDdhRFHclSUlE8VIGs0s7y0AfAYBwEF
/VA85dkFFS3Y0vRCEgdZxh7j5wt/dYrojqi6c7HjyKC5j9UkrjlBkq3uuBP2A0/t
LVRfmNeJFl3CHMLfuNhklzdGRslUYLemtXR+vVUTLFoN6g5dElHYyo4jzUdkM+GX
uG7bkCPS6ZATCE1Y1PATdeCAFCse/D/PK+tLQc1aE/ZzGodRDkW5RIZ1aFNq8vPx
H4wnQyOGvtC5lP7QxGLlNo7Gm8sbt2tO8NThkWGSWFRRZmrQ5+FYUHRVUgQ03mu5
o6Yi75kcf2TXkkSR5ZEkNR926R3AGOI2aO9ztjqiDNfqnYp29WC/53h+bpcyXFgL
cOoaluc4f3KgAv8v1m12+TuXEtQThUh4D7Tzet1WkvGCsrcMPWQ=
=74Ox
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung