-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: poppler security update
Advisory ID:       RHSA-2019:2713-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:2713
Issue date:        2019-09-10
CVE Names:         CVE-2018-18897 CVE-2018-20481 CVE-2018-20551
                   CVE-2018-20650 CVE-2018-20662 CVE-2019-7310
                   CVE-2019-9200 CVE-2019-9631 CVE-2019-9903
                   CVE-2019-9959 CVE-2019-10871 CVE-2019-12293
====================================================================
1. Summary:

An update for poppler is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.

Security Fix(es):

* poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
(CVE-2019-7310)

* poppler: heap-based buffer overflow in function ImageStream::getLine() in
Stream.cc (CVE-2019-9200)

* poppler: heap-based buffer over-read in function
PSOutputDev::checkPageSlice in PSOutputDev.cc (CVE-2019-10871)

* poppler: heap-based buffer over-read in JPXStream::init in
JPEG2000Stream.cc (CVE-2019-12293)

* poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
(CVE-2018-18897)

* poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
(CVE-2018-20481)

* poppler: reachable Object::getString assertion in AnnotRichMedia class in
Annot.c (CVE-2018-20551)

* poppler: reachable Object::dictLookup assertion in FileSpec class in
FileSpec.cc (CVE-2018-20650)

* poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc (CVE-2018-20662)

* poppler: heap-based buffer over-read in function
downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631)

* poppler: stack consumption in function Dict::find() in Dict.cc
(CVE-2019-9903)

* poppler: integer overflow in JPXStream::init function leading to memory
consumption (CVE-2019-9959)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1646546 - CVE-2018-18897 poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
1665259 - CVE-2018-20551 poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c
1665263 - CVE-2018-20650 poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc
1665266 - CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
1665273 - CVE-2018-20662 poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
1672419 - CVE-2019-7310 poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
1683632 - CVE-2019-9200 poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc
1686802 - CVE-2019-9631 poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc
1691724 - CVE-2019-9903 poppler: stack consumption in function Dict::find() in Dict.cc
1696636 - CVE-2019-10871 poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc
1713582 - CVE-2019-12293 poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc
1732340 - CVE-2019-9959 poppler: integer overflow in JPXStream::init function leading to memory consumption

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
poppler-0.66.0-11.el8_0.12.src.rpm

aarch64:
poppler-0.66.0-11.el8_0.12.aarch64.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-debugsource-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-utils-0.66.0-11.el8_0.12.aarch64.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm

ppc64le:
poppler-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-debugsource-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-glib-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-utils-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm

s390x:
poppler-0.66.0-11.el8_0.12.s390x.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-debugsource-0.66.0-11.el8_0.12.s390x.rpm
poppler-glib-0.66.0-11.el8_0.12.s390x.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-utils-0.66.0-11.el8_0.12.s390x.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.s390x.rpm

x86_64:
poppler-0.66.0-11.el8_0.12.i686.rpm
poppler-0.66.0-11.el8_0.12.x86_64.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-debugsource-0.66.0-11.el8_0.12.i686.rpm
poppler-debugsource-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-utils-0.66.0-11.el8_0.12.x86_64.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:
poppler-cpp-0.66.0-11.el8_0.12.aarch64.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-debugsource-0.66.0-11.el8_0.12.aarch64.rpm
poppler-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.aarch64.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.aarch64.rpm

ppc64le:
poppler-cpp-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-debugsource-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-devel-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-qt5-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.ppc64le.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.ppc64le.rpm

s390x:
poppler-cpp-0.66.0-11.el8_0.12.s390x.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.s390x.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-debugsource-0.66.0-11.el8_0.12.s390x.rpm
poppler-devel-0.66.0-11.el8_0.12.s390x.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.s390x.rpm
poppler-qt5-0.66.0-11.el8_0.12.s390x.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.s390x.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.s390x.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.s390x.rpm

x86_64:
poppler-cpp-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-0.66.0-11.el8_0.12.x86_64.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-cpp-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-debugsource-0.66.0-11.el8_0.12.i686.rpm
poppler-debugsource-0.66.0-11.el8_0.12.x86_64.rpm
poppler-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-glib-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.i686.rpm
poppler-qt5-devel-0.66.0-11.el8_0.12.x86_64.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.i686.rpm
poppler-utils-debuginfo-0.66.0-11.el8_0.12.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-18897
https://access.redhat.com/security/cve/CVE-2018-20481
https://access.redhat.com/security/cve/CVE-2018-20551
https://access.redhat.com/security/cve/CVE-2018-20650
https://access.redhat.com/security/cve/CVE-2018-20662
https://access.redhat.com/security/cve/CVE-2019-7310
https://access.redhat.com/security/cve/CVE-2019-9200
https://access.redhat.com/security/cve/CVE-2019-9631
https://access.redhat.com/security/cve/CVE-2019-9903
https://access.redhat.com/security/cve/CVE-2019-9959
https://access.redhat.com/security/cve/CVE-2019-10871
https://access.redhat.com/security/cve/CVE-2019-12293
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXXi/19zjgjWX9erEAQiPdw/+LtA/G5SgnDzFpdhpxOa9X+noX5a+2dXO
Qiheg9ozVvajD+4qp2dUwq2r53dLH0tDeCt6wl0YIvUmfE3+UBPIuJG7ijD5GVg5
p+PdxeGm9NcpusPTLn3c2pkxW7XM6emrd/l+7ImmTvqaCeug8nEp5PVXuYSYajC1
gxvKxWq170qmiRBTC7ONzQy3cPWRliDZvw4ELtriuzXNveiur5+eBX1kcp5jCKhR
rjQvXLVgnng62+xUX5fsBVf1DjJ0Elg8n3Uo7kbC1AhlmhuEHLD1seyYWRQYoIM3
NCfwY+wu+rxHVXnr1k85OJZfWDK91qKScm61AZin1jsNu6H5NDTmbCn9mbZWw6RN
G9xm+GbRC+bdv5bqAsVRZTC1+LRXexvE3QbmQIX3iqdNOlE8dFjWChpUBdzxGppA
pNBm4boBMz45UVbZT0oC1A3sZfpNpKO7LkZZsNxRKBaUvbahTNIU/eYj9g2IdKoc
7mqYKRg95TugEThs1v+ie2zEJR5aLTbHKXplhiBKwoYhTlkZ3+ke61zkFm/jm9eZ
PwutkfaXhExPbt0ph9HxkxmersNNJii0AYt8c37oRBPBEvnl6yy3i79Y2ds51wdo
+qTH0WHlwVpL50PMGMl7yXyw9CraIc1GDDOAHJbc+y7VbCJ5Cu3QCX802ql48i79
57WGrb+WGyE=T3jS
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce