SciLinux: SLSA-2019-2022-1 Moderate: poppler on SL7.x x86_64
Summary
Moderate: poppler security, bug fix, and enhancement update
Security Fixes
* poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
(CVE-2019-7310)
* poppler: heap-based buffer overflow in function ImageStream::getLine()
in Stream.cc (CVE-2019-9200)
* poppler: infinite recursion in Parser::getObj function in Parser.cc
(CVE-2018-16646)
* poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
(CVE-2018-18897)
* poppler: reachable abort in Object.h (CVE-2018-19058)
* poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc
(CVE-2018-19059)
* poppler: pdfdetach utility does not validate save paths (CVE-2018-19060)
* poppler: NULL pointer dereference in _poppler_attachment_new
(CVE-2018-19149)
* poppler: NULL pointer dereference in XRef::getEntry in XRef.cc
(CVE-2018-20481)
* poppler: reachable Object::dictLookup assertion in FileSpec class in
FileSpec.cc (CVE-2018-20650)
* poppler: SIGABRT in PDFDoc::setup in PDFDoc.cc (CVE-2018-20662)
* poppler: heap-based buffer over-read in function
downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631)
SL7
x86_64
okular-part-4.10.5-7.el7.x86_64.rpm
okular-devel-4.10.5-7.el7.i686.rpm
okular-libs-4.10.5-7.el7.x86_64.rpm
evince-nautilus-3.28.2-8.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
okular-libs-4.10.5-7.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
okular-devel-4.10.5-7.el7.x86_64.rpm
okular-4.10.5-7.el7.x86_64.rpm
evince-dvi-3.28.2-8.el7.x86_64.rpm
evince-libs-3.28.2-8.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
evince-3.28.2-8.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.i686.rpm
evince-libs-3.28.2-8.el7.x86_64.rpm
evince-devel-3.28.2-8.el7.i686.rpm
poppler-cpp-0.26.5-38.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.x86_64.rpm
poppler-qt-devel-0.26.5-38.el7.i686.rpm
poppler-cpp-devel-0.26.5-38.el7.i686.rpm
poppler-qt-devel-0.26.5-38.el7.x86_64.rpm
poppler-cpp-0.26.5-38.el7.i686.rpm
evince-devel-3.28.2-8.el7.x86_64.rpm
poppler-devel-0.26.5-38.el7.i686.rpm
evince-browser-plugin-3.28.2-8.el7.x86_64.rpm
poppler-demos-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.x86_64.rpm
poppler-cpp-devel-0.26.5-38.el7.x86_64.rpm
poppler-glib-devel-0.26.5-38.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
- Scientific Linux Development Team