Lucene search
OracleLinuxELSA-2019-2022HistoryAug 13, 2019 - 12:00 a.m.
poppler security, bug fix, and enhancement update
2019-08-1300:00:00
linux.oracle.com
15
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.037 Low
EPSS
Percentile
90.8%
evince
[3.28.2-8]
- Do not free EvDocumentInfo in ev_window_save_print_settings(),
- it is freed in EvDocuments destructor
- Resolves: #1541358
[3.28.2-7] - Do not store page-scaling for documents with enforced
- page-scaling
- Resolves: #1541358
[3.28.2-6] - Use PrintScaling preference stored in PDFs
- Resolves: #1541358
okular
[4.10.5-7] - Fix patch adding information about substituting font
Resolves: bz#1458037
[4.10.5-6] - Fix broken dependency on kde-runtime
Resolves: bz#1670723
[4.10.5-5] - Add information about substituting font
Resolves: bz#1458037
poppler
[0.26.5-38] - Constrain number of cycles in rescale filter
- Compute correct coverage values for box filter
- Resolves: #1688417
[0.26.5-37] - Fix tiling patterns when pattern cell is too far
- Resolves: #1378961
[0.26.5-36] - Fix version from which PrintScaling is available
- Resolves: #1658304
[0.26.5-35] - Export PrintScaling viewer preference in glib frontend
- Related: #1658304
[0.26.5-34] - Fix a memory leak detected by Coverity Scan
- Related: #1636103
[0.26.5-33] - Only embed mime data for gray/rgb/cmyk colorspaces
- if image decode map is identity
- Resolves: #1636103
[0.26.5-32] - Fix possible crash on broken files in ImageStream::getLine()
- Resolves: #1685267
[0.26.5-31] - Avoid global display profile state becoming an uncontrolled
- memory leak
- Resolves: #1648860
[0.26.5-30] - Check for missing pages in documents passed to pdfunite
- Resolves: #1677348
[0.26.5-29] - Dont reuse ‘entry’ in Parser::makeStream
- Resolves: #1677058
[0.26.5-28] - Move the fileSpec.dictLookup call inside fileSpec.isDict if
- Resolves: #1677029
[0.26.5-27] - Defend against requests for negative XRef indices
- Resolves: #1673700
[0.26.5-26] - Add font substituteName() getter to Qt bindings
- Resolves: bz#1639595
[0.26.5-25] - Check for valid file name of embedded file
- Resolves: #1651307
[0.26.5-24] - Check for valid embedded file before trying to save it
- Resolves: #1651306
[0.26.5-23] - Check for stream before calling stream methods
- when saving an embedded file
- Resolves: #1651305
[0.26.5-22] - Fix crash on missing embedded file
- Resolves: #1651309
[0.26.5-21] - Avoid cycles in PDF parsing
- Resolves: #1640295
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | evince | < 3.28.2-8.el7 | evince-3.28.2-8.el7.src.rpm |
| oracle linux | 7 | src | okular | < 4.10.5-7.el7 | okular-4.10.5-7.el7.src.rpm |
| oracle linux | 7 | src | poppler | < 0.26.5-38.el7 | poppler-0.26.5-38.el7.src.rpm |
| oracle linux | 7 | aarch64 | evince | < 3.28.2-8.el7 | evince-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | evince-browser-plugin | < 3.28.2-8.el7 | evince-browser-plugin-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | evince-devel | < 3.28.2-8.el7 | evince-devel-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | evince-dvi | < 3.28.2-8.el7 | evince-dvi-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | evince-libs | < 3.28.2-8.el7 | evince-libs-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | evince-nautilus | < 3.28.2-8.el7 | evince-nautilus-3.28.2-8.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | okular | < 4.10.5-7.el7 | okular-4.10.5-7.el7.aarch64.rpm |
Related
nessus
nessus
Amazon Linux AMI : poppler (ALAS-2019-1271)
2019-08-28 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : poppler Multiple Vulnerabilities (NS-SA-2019-0202)
2019-10-15 00:00:00
Scientific Linux Security Update : poppler on SL7.x x86_64 (20190806)
2019-08-27 00:00:00
amazon
amazon
Medium: poppler
2019-08-23 17:01:00
Medium: poppler
2019-10-21 18:01:00
centos
centos
evince, okular, poppler security update
2019-08-30 02:44:38
redhat
redhat
(RHSA-2019:2022) Moderate: poppler security, bug fix, and enhancement update
2019-08-06 07:51:02
(RHSA-2019:2713) Moderate: poppler security update
2019-09-10 15:32:22
openvas
openvas
Huawei EulerOS: Security Advisory for poppler (EulerOS-SA-2019-2269)
2020-01-23 00:00:00
Fedora Update for mingw-poppler FEDORA-2019-7085420900
2019-05-07 00:00:00
Fedora Update for mingw-poppler FEDORA-2018-679f8aba03
2019-05-07 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: mingw-poppler-0.67.0-2.fc29
2018-12-30 03:22:07
[SECURITY] Fedora 29 Update: mingw-poppler-0.67.0-4.fc29
2019-03-15 18:30:03
[SECURITY] Fedora 29 Update: mingw-poppler-0.67.0-3.fc29
2019-02-18 02:04:58
osv
osv
poppler - security update
2019-03-08 00:00:00
poppler - security update
2020-07-23 00:00:00
poppler - security update
2020-11-08 00:00:00
debian
debian
[SECURITY] [DLA 1706-1] poppler security update
2019-03-08 20:37:16
[SECURITY] [DLA 2287-1] poppler security update
2020-07-23 10:16:10
[SECURITY] [DLA 2440-1] poppler security update
2020-11-08 23:59:37
ubuntu
ubuntu
poppler vulnerabilities
2018-12-04 00:00:00
poppler vulnerabilities
2019-01-22 00:00:00
poppler regression
2018-12-11 00:00:00
mageia
mageia
Updated poppler packages fix security vulnerabilities
2018-11-23 01:26:34
Updated poppler packages fix security vulnerability
2019-02-20 23:56:50
Updated poppler packages fix security vulnerabilities
2019-03-29 18:51:06
suse
suse
Security update for poppler (important)
2021-12-01 00:00:00
oraclelinux
oraclelinux
poppler security update
2019-09-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-12 07:13:51
Denial Of Service (DoS)
2018-12-26 08:52:33
Denial Of Service
2019-02-04 04:43:31
debiancve
debiancve
redhatcve
redhatcve
cve
cve
ubuntucve
ubuntucve
prion
prion
Null pointer dereference
2018-12-26 04:29:00
Null pointer dereference
2018-11-10 19:29:00
Design/Logic Flaw
2019-01-01 16:29:00
gentoo
gentoo
Poppler: Multiple vulnerabilities
2019-04-02 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.037 Low
EPSS
Percentile
90.8%
Related for ELSA-2019-2022