Bug#863016: poppler: CVE-2017-9083
Control: severity -1 minor

Hi Jason,

On Sat, May 20, 2017 at 07:39:02AM -0500, Jason Crain wrote:
> On Sat, May 20, 2017 at 10:30:17AM +0200, Salvatore Bonaccorso wrote:
> > the following vulnerability was published for poppler.
> >
> > CVE-2017-9083[0]:
> > | poppler 0.54.0, as used in Evince and other products, has a NULL
> > | pointer dereference in the JPXStream::readUByte function in
> > | JPXStream.cc. For example, the perf_test utility will crash
> > | (segmentation fault) when parsing an invalid PDF file.
>
> Does this apply to Debian's poppler? I think it uses openjpeg instead of
> the internal JPX decoder.

I think you are right. While checking, I looked at the source only, not
realizing that it's not relevant for the built binary packages due to
your note.

I changed the severity, and in the security-tracker it is now marked
as 'unimportant', which is the tag used when a source is affected, but
the issue does not affect the built binary packages.

Thanks a lot for checking the bug report!

Salvatore
Bug#863016: poppler: CVE-2017-9083
On Sat, May 20, 2017 at 10:30:17AM +0200, Salvatore Bonaccorso wrote:
> the following vulnerability was published for poppler.
>
> CVE-2017-9083[0]:
> | poppler 0.54.0, as used in Evince and other products, has a NULL
> | pointer dereference in the JPXStream::readUByte function in
> | JPXStream.cc. For example, the perf_test utility will crash
> | (segmentation fault) when parsing an invalid PDF file.

Does this apply to Debian's poppler? I think it uses openjpeg instead of
the internal JPX decoder.

There's a discussion on the poppler mailing list about making it more
explicit that the internal decoders are unmaintained:
https://lists.freedesktop.org/archives/poppler/2017-May/012230.html
Bug#863016: poppler: CVE-2017-9083
Source: poppler
Version: 0.26.5-2
Severity: important
Tags: upstream security
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=101084

Hi,

the following vulnerability was published for poppler.

CVE-2017-9083[0]:
| poppler 0.54.0, as used in Evince and other products, has a NULL
| pointer dereference in the JPXStream::readUByte function in
| JPXStream.cc. For example, the perf_test utility will crash
| (segmentation fault) when parsing an invalid PDF file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9083
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9083
[1] https://bugs.freedesktop.org/show_bug.cgi?id=101084

Regards,
Salvatore