drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in poppler
Name: |
Zwei Probleme in poppler |
|
ID: |
USN-3517-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04, Ubuntu 17.10 |
|
Datum: |
Mo, 8. Januar 2018, 17:05 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976 |
|
Applikationen: |
poppler |
|
Originalnachricht |
--===============8159255783492711435== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-BfmYYHDRs0KndsAYen24"
--=-BfmYYHDRs0KndsAYen24 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3517-1 January 08, 2018
poppler vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.10 - Ubuntu 17.04 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in poppler.
Software Description: - poppler: PDF rendering library
Details:
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could execute arbitrary. (CVE-2017-1000456)
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2017-14976)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.10: libpoppler68 0.57.0-2ubuntu4.2 poppler-utils 0.57.0-2ubuntu4.2
Ubuntu 17.04: libpoppler64 0.48.0-2ubuntu2.5 poppler-utils 0.48.0-2ubuntu2.5
Ubuntu 16.04 LTS: libpoppler58 0.41.0-0ubuntu1.6 poppler-utils 0.41.0-0ubuntu1.6
Ubuntu 14.04 LTS: libpoppler44 0.24.5-2ubuntu4.9 poppler-utils 0.24.5-2ubuntu4.9
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3517-1 CVE-2017-1000456, CVE-2017-14976
Package Information: https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu4.2 https://launchpad.net/ubuntu/+source/poppler/0.48.0-2ubuntu2.5 https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.6 https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.9
--=-BfmYYHDRs0KndsAYen24 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJaU4KHAAoJEEW851uECx9pDx4QAI4bVNSRlTMcLzs2YG3dDbki 3/brGKiI0G5mMLqnbTSD5ZNgkZuBgFk+0lOH7bU0FtxH94a3+bEQNsXYrOWdcOvd 6Ds8UBNTDYDpeFwywxQY/LScwtUTMvKDud2xJZq5Xj8XqIJLDpF1Niln4PcYPCxE cokfv/ZZUmZA4USVJ+/peVNnOM5m3QvB6e7LGmtmDT2f1T5WDIwg/IpdPlMV6C2V TKYSswmL4qX/JtLOe971jrauZp+0FQeF6Ez6Cv47NbtGQsy00Fr95ACiT56vcuKz DLR2SV+tlvsryKvDAVZsdMZiMEXtkgAAjBPWGdgNDXNwCuORpuyLWOzqR3qZO8zX AyvPMNV0YL5fuGye4rJJ0MjJcellUQYB9iEemcJe+4gwUsSZJF7n0mn77pFID2pC 4uAwrjaWzFrCuJH1jIp/rvwVDrWR2JfBNEbNKkTT4/GfQ0vKpLznUmVqo9mvrwaJ L4Qb3sbflGu/uOf7rJrSO1vSMGINrV8RAKFpqWx270bVoPZM9CQYAVM42j9cC0VX AsmhtKjPj46zffYzEOIaY/oWn4H3RZpQihcl0w4sHOafS1wekv/0djsotMdpxKV6 4eT5pZcz6JO7X/B5aHhMEJV2PUjhFCJ4R1SJBjFauOweSxA2uFlWEC5dEPELIXds fhN8BVVkQxWO2oTN7BVz =PdC5 -----END PGP SIGNATURE-----
--=-BfmYYHDRs0KndsAYen24--
--===============8159255783492711435== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============8159255783492711435==--
|
|
|
|