====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: poppler security, bug fix, and enhancement update
Advisory ID:       RHSA-2019:2022-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2022
Issue date:        2019-08-06
CVE Names:         CVE-2018-16646 CVE-2018-18897 CVE-2018-19058
                   CVE-2018-19059 CVE-2018-19060 CVE-2018-19149
                   CVE-2018-20481 CVE-2018-20650 CVE-2018-20662
                   CVE-2019-7310 CVE-2019-9200 CVE-2019-9631
====================================================================

1. Summary:

An update for poppler, evince, and okular is now available for Red Hat
Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince or Okular.

Security Fix(es):

* poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
(CVE-2019-7310)

* poppler: heap-based buffer overflow in function ImageStream::getLine() in
Stream.cc (CVE-2019-9200)

* poppler: infinite recursion in Parser::getObj function in Parser.cc
(CVE-2018-16646)

* poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
(CVE-2018-18897)

* poppler: reachable abort in Object.h (CVE-2018-19058)

* poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc
(CVE-2018-19059)

* poppler: pdfdetach utility does not validate save paths (CVE-2018-19060)

* poppler: NULL pointer dereference in _poppler_attachment_new
(CVE-2018-19149)

* poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
(CVE-2018-20481)

* poppler: reachable Object::dictLookup assertion in FileSpec class in
FileSpec.cc (CVE-2018-20650)

* poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc (CVE-2018-20662)

* poppler: heap-based buffer over-read in function
downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1378075 - Evince is not showing comments in document
1378961 - Error displaying PDF in Evince
1458037 - [RFE] okular should also display the FontName (after font path)
1541358 - [RFE] Evince does not read PDF file PrintScaling scaling tags
1626618 - CVE-2018-16646 poppler: infinite recursion in Parser::getObj function in Parser.cc
1639595 - [RFE] provide fontname for used fonts
1646546 - CVE-2018-18897 poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
1649435 - CVE-2018-19058 poppler: reachable abort in Object.h
1649440 - CVE-2018-19059 poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc
1649450 - CVE-2018-19060 poppler: pdfdetach utility does not validate save paths
1649457 - CVE-2018-19149 poppler: NULL pointer dereference in _poppler_attachment_new
1658304 - Export PrintScaling preference
1665263 - CVE-2018-20650 poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc
1665266 - CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
1665273 - CVE-2018-20662 poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
1672419 - CVE-2019-7310 poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
1683632 - CVE-2019-9200 poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc
1686802 - CVE-2019-9631 poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
evince-3.28.2-8.el7.src.rpm
okular-4.10.5-7.el7.src.rpm
poppler-0.26.5-38.el7.src.rpm

x86_64:
evince-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-dvi-3.28.2-8.el7.x86_64.rpm
evince-libs-3.28.2-8.el7.i686.rpm
evince-libs-3.28.2-8.el7.x86_64.rpm
evince-nautilus-3.28.2-8.el7.x86_64.rpm
okular-4.10.5-7.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
okular-libs-4.10.5-7.el7.i686.rpm
okular-libs-4.10.5-7.el7.x86_64.rpm
okular-part-4.10.5-7.el7.x86_64.rpm
poppler-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
evince-browser-plugin-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-devel-3.28.2-8.el7.i686.rpm
evince-devel-3.28.2-8.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
okular-devel-4.10.5-7.el7.i686.rpm
okular-devel-4.10.5-7.el7.x86_64.rpm
poppler-cpp-0.26.5-38.el7.i686.rpm
poppler-cpp-0.26.5-38.el7.x86_64.rpm
poppler-cpp-devel-0.26.5-38.el7.i686.rpm
poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-demos-0.26.5-38.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.i686.rpm
poppler-devel-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.i686.rpm
poppler-glib-devel-0.26.5-38.el7.x86_64.rpm
poppler-qt-devel-0.26.5-38.el7.i686.rpm
poppler-qt-devel-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
poppler-0.26.5-38.el7.src.rpm

x86_64:
poppler-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
poppler-cpp-0.26.5-38.el7.i686.rpm
poppler-cpp-0.26.5-38.el7.x86_64.rpm
poppler-cpp-devel-0.26.5-38.el7.i686.rpm
poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-demos-0.26.5-38.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.i686.rpm
poppler-devel-0.26.5-38.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.i686.rpm
poppler-glib-devel-0.26.5-38.el7.x86_64.rpm
poppler-qt-devel-0.26.5-38.el7.i686.rpm
poppler-qt-devel-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
evince-3.28.2-8.el7.src.rpm
okular-4.10.5-7.el7.src.rpm
poppler-0.26.5-38.el7.src.rpm

ppc64:
evince-3.28.2-8.el7.ppc64.rpm
evince-debuginfo-3.28.2-8.el7.ppc.rpm
evince-debuginfo-3.28.2-8.el7.ppc64.rpm
evince-dvi-3.28.2-8.el7.ppc64.rpm
evince-libs-3.28.2-8.el7.ppc.rpm
evince-libs-3.28.2-8.el7.ppc64.rpm
evince-nautilus-3.28.2-8.el7.ppc64.rpm
poppler-0.26.5-38.el7.ppc.rpm
poppler-0.26.5-38.el7.ppc64.rpm
poppler-debuginfo-0.26.5-38.el7.ppc.rpm
poppler-debuginfo-0.26.5-38.el7.ppc64.rpm
poppler-glib-0.26.5-38.el7.ppc.rpm
poppler-glib-0.26.5-38.el7.ppc64.rpm
poppler-utils-0.26.5-38.el7.ppc64.rpm

ppc64le:
evince-3.28.2-8.el7.ppc64le.rpm
evince-debuginfo-3.28.2-8.el7.ppc64le.rpm
evince-dvi-3.28.2-8.el7.ppc64le.rpm
evince-libs-3.28.2-8.el7.ppc64le.rpm
evince-nautilus-3.28.2-8.el7.ppc64le.rpm
okular-4.10.5-7.el7.ppc64le.rpm
okular-debuginfo-4.10.5-7.el7.ppc64le.rpm
okular-devel-4.10.5-7.el7.ppc64le.rpm
okular-libs-4.10.5-7.el7.ppc64le.rpm
okular-part-4.10.5-7.el7.ppc64le.rpm
poppler-0.26.5-38.el7.ppc64le.rpm
poppler-debuginfo-0.26.5-38.el7.ppc64le.rpm
poppler-glib-0.26.5-38.el7.ppc64le.rpm
poppler-qt-0.26.5-38.el7.ppc64le.rpm
poppler-utils-0.26.5-38.el7.ppc64le.rpm

s390x:
evince-3.28.2-8.el7.s390x.rpm
evince-debuginfo-3.28.2-8.el7.s390.rpm
evince-debuginfo-3.28.2-8.el7.s390x.rpm
evince-dvi-3.28.2-8.el7.s390x.rpm
evince-libs-3.28.2-8.el7.s390.rpm
evince-libs-3.28.2-8.el7.s390x.rpm
evince-nautilus-3.28.2-8.el7.s390x.rpm
poppler-0.26.5-38.el7.s390.rpm
poppler-0.26.5-38.el7.s390x.rpm
poppler-debuginfo-0.26.5-38.el7.s390.rpm
poppler-debuginfo-0.26.5-38.el7.s390x.rpm
poppler-glib-0.26.5-38.el7.s390.rpm
poppler-glib-0.26.5-38.el7.s390x.rpm
poppler-utils-0.26.5-38.el7.s390x.rpm

x86_64:
evince-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-dvi-3.28.2-8.el7.x86_64.rpm
evince-libs-3.28.2-8.el7.i686.rpm
evince-libs-3.28.2-8.el7.x86_64.rpm
evince-nautilus-3.28.2-8.el7.x86_64.rpm
okular-4.10.5-7.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
okular-devel-4.10.5-7.el7.i686.rpm
okular-devel-4.10.5-7.el7.x86_64.rpm
okular-libs-4.10.5-7.el7.i686.rpm
okular-libs-4.10.5-7.el7.x86_64.rpm
okular-part-4.10.5-7.el7.x86_64.rpm
poppler-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
evince-browser-plugin-3.28.2-8.el7.ppc64.rpm
evince-debuginfo-3.28.2-8.el7.ppc.rpm
evince-debuginfo-3.28.2-8.el7.ppc64.rpm
evince-devel-3.28.2-8.el7.ppc.rpm
evince-devel-3.28.2-8.el7.ppc64.rpm
poppler-cpp-0.26.5-38.el7.ppc.rpm
poppler-cpp-0.26.5-38.el7.ppc64.rpm
poppler-cpp-devel-0.26.5-38.el7.ppc.rpm
poppler-cpp-devel-0.26.5-38.el7.ppc64.rpm
poppler-debuginfo-0.26.5-38.el7.ppc.rpm
poppler-debuginfo-0.26.5-38.el7.ppc64.rpm
poppler-demos-0.26.5-38.el7.ppc64.rpm
poppler-devel-0.26.5-38.el7.ppc.rpm
poppler-devel-0.26.5-38.el7.ppc64.rpm
poppler-glib-devel-0.26.5-38.el7.ppc.rpm
poppler-glib-devel-0.26.5-38.el7.ppc64.rpm
poppler-qt-0.26.5-38.el7.ppc.rpm
poppler-qt-0.26.5-38.el7.ppc64.rpm
poppler-qt-devel-0.26.5-38.el7.ppc.rpm
poppler-qt-devel-0.26.5-38.el7.ppc64.rpm

ppc64le:
evince-browser-plugin-3.28.2-8.el7.ppc64le.rpm
evince-debuginfo-3.28.2-8.el7.ppc64le.rpm
evince-devel-3.28.2-8.el7.ppc64le.rpm
poppler-cpp-0.26.5-38.el7.ppc64le.rpm
poppler-cpp-devel-0.26.5-38.el7.ppc64le.rpm
poppler-debuginfo-0.26.5-38.el7.ppc64le.rpm
poppler-demos-0.26.5-38.el7.ppc64le.rpm
poppler-devel-0.26.5-38.el7.ppc64le.rpm
poppler-glib-devel-0.26.5-38.el7.ppc64le.rpm
poppler-qt-devel-0.26.5-38.el7.ppc64le.rpm

s390x:
evince-browser-plugin-3.28.2-8.el7.s390x.rpm
evince-debuginfo-3.28.2-8.el7.s390.rpm
evince-debuginfo-3.28.2-8.el7.s390x.rpm
evince-devel-3.28.2-8.el7.s390.rpm
evince-devel-3.28.2-8.el7.s390x.rpm
poppler-cpp-0.26.5-38.el7.s390.rpm
poppler-cpp-0.26.5-38.el7.s390x.rpm
poppler-cpp-devel-0.26.5-38.el7.s390.rpm
poppler-cpp-devel-0.26.5-38.el7.s390x.rpm
poppler-debuginfo-0.26.5-38.el7.s390.rpm
poppler-debuginfo-0.26.5-38.el7.s390x.rpm
poppler-demos-0.26.5-38.el7.s390x.rpm
poppler-devel-0.26.5-38.el7.s390.rpm
poppler-devel-0.26.5-38.el7.s390x.rpm
poppler-glib-devel-0.26.5-38.el7.s390.rpm
poppler-glib-devel-0.26.5-38.el7.s390x.rpm
poppler-qt-0.26.5-38.el7.s390.rpm
poppler-qt-0.26.5-38.el7.s390x.rpm
poppler-qt-devel-0.26.5-38.el7.s390.rpm
poppler-qt-devel-0.26.5-38.el7.s390x.rpm

x86_64:
evince-browser-plugin-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-devel-3.28.2-8.el7.i686.rpm
evince-devel-3.28.2-8.el7.x86_64.rpm
poppler-cpp-0.26.5-38.el7.i686.rpm
poppler-cpp-0.26.5-38.el7.x86_64.rpm
poppler-cpp-devel-0.26.5-38.el7.i686.rpm
poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-demos-0.26.5-38.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.i686.rpm
poppler-devel-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.i686.rpm
poppler-glib-devel-0.26.5-38.el7.x86_64.rpm
poppler-qt-devel-0.26.5-38.el7.i686.rpm
poppler-qt-devel-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
evince-3.28.2-8.el7.src.rpm
okular-4.10.5-7.el7.src.rpm
poppler-0.26.5-38.el7.src.rpm

x86_64:
evince-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-dvi-3.28.2-8.el7.x86_64.rpm
evince-libs-3.28.2-8.el7.i686.rpm
evince-libs-3.28.2-8.el7.x86_64.rpm
evince-nautilus-3.28.2-8.el7.x86_64.rpm
okular-4.10.5-7.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
okular-devel-4.10.5-7.el7.i686.rpm
okular-devel-4.10.5-7.el7.x86_64.rpm
okular-libs-4.10.5-7.el7.i686.rpm
okular-libs-4.10.5-7.el7.x86_64.rpm
okular-part-4.10.5-7.el7.x86_64.rpm
poppler-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
evince-browser-plugin-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-devel-3.28.2-8.el7.i686.rpm
evince-devel-3.28.2-8.el7.x86_64.rpm
poppler-cpp-0.26.5-38.el7.i686.rpm
poppler-cpp-0.26.5-38.el7.x86_64.rpm
poppler-cpp-devel-0.26.5-38.el7.i686.rpm
poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-demos-0.26.5-38.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.i686.rpm
poppler-devel-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.i686.rpm
poppler-glib-devel-0.26.5-38.el7.x86_64.rpm
poppler-qt-devel-0.26.5-38.el7.i686.rpm
poppler-qt-devel-0.26.5-38.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-16646
https://access.redhat.com/security/cve/CVE-2018-18897
https://access.redhat.com/security/cve/CVE-2018-19058
https://access.redhat.com/security/cve/CVE-2018-19059
https://access.redhat.com/security/cve/CVE-2018-19060
https://access.redhat.com/security/cve/CVE-2018-19149
https://access.redhat.com/security/cve/CVE-2018-20481
https://access.redhat.com/security/cve/CVE-2018-20650
https://access.redhat.com/security/cve/CVE-2018-20662
https://access.redhat.com/security/cve/CVE-2019-7310
https://access.redhat.com/security/cve/CVE-2019-9200
https://access.redhat.com/security/cve/CVE-2019-9631
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
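A defender-side compliance check built from the fixed builds in section 6 of the advisory above; this is an added example, not Red Hat tooling. It takes the output of `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'` (the embedded sample is constructed) and uses a simplified rpmvercmp that ignores epoch and tilde/caret ordering, which is an assumption; on a real host, rpm's own comparison is authoritative.

```python
import re

# Binary package names and their fixed (version, release), from the advisory's section 6 list.
ADVISORY = {
    ("0.26.5", "38.el7"): ("poppler", "poppler-cpp", "poppler-cpp-devel", "poppler-debuginfo",
                           "poppler-demos", "poppler-devel", "poppler-glib", "poppler-glib-devel",
                           "poppler-qt", "poppler-qt-devel", "poppler-utils"),
    ("3.28.2", "8.el7"): ("evince", "evince-browser-plugin", "evince-debuginfo", "evince-devel",
                          "evince-dvi", "evince-libs", "evince-nautilus"),
    ("4.10.5", "7.el7"): ("okular", "okular-debuginfo", "okular-devel", "okular-libs", "okular-part"),
}
FIXED = {name: vr for vr, names in ADVISORY.items() for name in names}

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE}\n'` output, not real host
# data. poppler-data is built from a different source package and is not part of this advisory.
SAMPLE_RPM_QA = """\
poppler 0.26.5 38.el7
poppler-utils 0.26.5 38.el7
poppler-glib 0.26.5 17.el7
poppler-data 0.4.6 3.el7
evince 3.28.2 7.el7
okular 4.10.5 7.el7
"""

def rpm_vercmp(a, b):
    """Simplified rpmvercmp: -1, 0 or 1. Assumption: no epoch, no tilde/caret rules."""
    # Split like rpm does: runs of digits and runs of letters; everything else is a separator.
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment is newer than an alpha one
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # longer wins: 38.el7_9.1 is newer than 38.el7

def unpatched(rpm_qa_text):
    """Return [(name, 'version-release')] for each advisory package installed below its fixed build."""
    findings = []
    for line in rpm_qa_text.splitlines():
        name, ver, rel = line.split()
        if name not in FIXED:  # not shipped by this advisory, nothing to compare against
            continue
        fixed_ver, fixed_rel = FIXED[name]
        cmp = rpm_vercmp(ver, fixed_ver) or rpm_vercmp(rel, fixed_rel)
        if cmp < 0:
            findings.append((name, f"{ver}-{rel}"))
    return findings
```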