Skip to navigation

Security Advisory Important: poppler security update

Advisory: RHSA-2008:0239-5
Type: Security Advisory
Severity: Important
Issued on: 2008-04-17
Last updated on: 2008-04-17
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.1.z server)
CVEs (cve.mitre.org): CVE-2008-1693

Details

Updated poppler packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Poppler is a PDF rendering library, used by applications such as Evince.

Kees Cook discovered a flaw in the way poppler displayed malformed fonts
embedded in PDF files. An attacker could create a malicious PDF file that
would cause applications that use poppler -- such as Evince -- to crash,
or, potentially, execute arbitrary code when opened. (CVE-2008-1693)

Users are advised to upgrade to these updated packages, which contain
backported patches to resolve this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
poppler-0.5.4-4.4.el5_1.src.rpm
File outdated by:  RHBA-2013:1128
    MD5: c0cd7e133897e054ba1bede815328c22
 
IA-32:
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 9d74aac1417a05fafd4b5de9dc13361e
 
x86_64:
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 9d74aac1417a05fafd4b5de9dc13361e
poppler-devel-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 7f6f1efaaa67121cbb1b65e15a23cc5b
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
poppler-0.5.4-4.4.el5_1.src.rpm
File outdated by:  RHBA-2013:1128
    MD5: c0cd7e133897e054ba1bede815328c22
 
IA-32:
poppler-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 9d74aac1417a05fafd4b5de9dc13361e
poppler-utils-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 595cb167068e9c8b86735b75e6ae64c4
 
IA-64:
poppler-0.5.4-4.4.el5_1.ia64.rpm
File outdated by:  RHBA-2013:1128
    MD5: cfe5d1cac6e49df6bb16501ce951452d
poppler-devel-0.5.4-4.4.el5_1.ia64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 0fb69e84dbc693e6d83dcfec35d36b04
poppler-utils-0.5.4-4.4.el5_1.ia64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 90ed3ab6304e1b4232179dd4a2657441
 
PPC:
poppler-0.5.4-4.4.el5_1.ppc.rpm
File outdated by:  RHBA-2013:1128
    MD5: c65cdd82041ed49beaa55931fe62f57b
poppler-0.5.4-4.4.el5_1.ppc64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 3cefdfb8c024361ebab1c91b50105b6e
poppler-devel-0.5.4-4.4.el5_1.ppc.rpm
File outdated by:  RHBA-2013:1128
    MD5: 0240fdb0bf19ab7acec95015a855b9ee
poppler-devel-0.5.4-4.4.el5_1.ppc64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 657069015c58ffbeceea2f00d5c1c721
poppler-utils-0.5.4-4.4.el5_1.ppc.rpm
File outdated by:  RHBA-2013:1128
    MD5: d943af916cadab9c8761d852acc48294
 
s390x:
poppler-0.5.4-4.4.el5_1.s390.rpm
File outdated by:  RHBA-2013:1128
    MD5: f458eebe2eb5c64bf33e93e0c099f5bb
poppler-0.5.4-4.4.el5_1.s390x.rpm
File outdated by:  RHBA-2013:1128
    MD5: a019cdd0a503a69aa6f95950eedde068
poppler-devel-0.5.4-4.4.el5_1.s390.rpm
File outdated by:  RHBA-2013:1128
    MD5: 87df1d7a0d819af7b197311fc4aef7cb
poppler-devel-0.5.4-4.4.el5_1.s390x.rpm
File outdated by:  RHBA-2013:1128
    MD5: f068e4e7072b6be6bb405b5a7c5bdb4d
poppler-utils-0.5.4-4.4.el5_1.s390x.rpm
File outdated by:  RHBA-2013:1128
    MD5: 65875c17dfdd047082353672936a08cb
 
x86_64:
poppler-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: d0ce822402f4aee684bcdadec4232601
poppler-devel-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 9d74aac1417a05fafd4b5de9dc13361e
poppler-devel-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 7f6f1efaaa67121cbb1b65e15a23cc5b
poppler-utils-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 5dee4c2b7823cbc1ea7334f28215bd57
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
poppler-0.5.4-4.4.el5_1.src.rpm
File outdated by:  RHBA-2013:1128
    MD5: c0cd7e133897e054ba1bede815328c22
 
IA-32:
poppler-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-utils-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: 595cb167068e9c8b86735b75e6ae64c4
 
x86_64:
poppler-0.5.4-4.4.el5_1.i386.rpm
File outdated by:  RHBA-2013:1128
    MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: d0ce822402f4aee684bcdadec4232601
poppler-utils-0.5.4-4.4.el5_1.x86_64.rpm
File outdated by:  RHBA-2013:1128
    MD5: 5dee4c2b7823cbc1ea7334f28215bd57
 
Red Hat Enterprise Linux EUS (v. 5.1.z server)

SRPMS:
poppler-0.5.4-4.4.el5_1.src.rpm
File outdated by:  RHBA-2013:1128
    MD5: c0cd7e133897e054ba1bede815328c22
 
IA-32:
poppler-0.5.4-4.4.el5_1.i386.rpm     MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-devel-0.5.4-4.4.el5_1.i386.rpm     MD5: 9d74aac1417a05fafd4b5de9dc13361e
poppler-utils-0.5.4-4.4.el5_1.i386.rpm     MD5: 595cb167068e9c8b86735b75e6ae64c4
 
IA-64:
poppler-0.5.4-4.4.el5_1.ia64.rpm     MD5: cfe5d1cac6e49df6bb16501ce951452d
poppler-devel-0.5.4-4.4.el5_1.ia64.rpm     MD5: 0fb69e84dbc693e6d83dcfec35d36b04
poppler-utils-0.5.4-4.4.el5_1.ia64.rpm     MD5: 90ed3ab6304e1b4232179dd4a2657441
 
PPC:
poppler-0.5.4-4.4.el5_1.ppc.rpm     MD5: c65cdd82041ed49beaa55931fe62f57b
poppler-0.5.4-4.4.el5_1.ppc64.rpm     MD5: 3cefdfb8c024361ebab1c91b50105b6e
poppler-devel-0.5.4-4.4.el5_1.ppc.rpm     MD5: 0240fdb0bf19ab7acec95015a855b9ee
poppler-devel-0.5.4-4.4.el5_1.ppc64.rpm     MD5: 657069015c58ffbeceea2f00d5c1c721
poppler-utils-0.5.4-4.4.el5_1.ppc.rpm     MD5: d943af916cadab9c8761d852acc48294
 
s390x:
poppler-0.5.4-4.4.el5_1.s390.rpm     MD5: f458eebe2eb5c64bf33e93e0c099f5bb
poppler-0.5.4-4.4.el5_1.s390x.rpm     MD5: a019cdd0a503a69aa6f95950eedde068
poppler-devel-0.5.4-4.4.el5_1.s390.rpm     MD5: 87df1d7a0d819af7b197311fc4aef7cb
poppler-devel-0.5.4-4.4.el5_1.s390x.rpm     MD5: f068e4e7072b6be6bb405b5a7c5bdb4d
poppler-utils-0.5.4-4.4.el5_1.s390x.rpm     MD5: 65875c17dfdd047082353672936a08cb
 
x86_64:
poppler-0.5.4-4.4.el5_1.i386.rpm     MD5: f8612fc0d514e6f8b02a24bcd7295e07
poppler-0.5.4-4.4.el5_1.x86_64.rpm     MD5: d0ce822402f4aee684bcdadec4232601
poppler-devel-0.5.4-4.4.el5_1.i386.rpm     MD5: 9d74aac1417a05fafd4b5de9dc13361e
poppler-devel-0.5.4-4.4.el5_1.x86_64.rpm     MD5: 7f6f1efaaa67121cbb1b65e15a23cc5b
poppler-utils-0.5.4-4.4.el5_1.x86_64.rpm     MD5: 5dee4c2b7823cbc1ea7334f28215bd57
 
(The unlinked packages above are only available from the Red Hat Network)

References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/