Bug#942503: libpoppler46: New jessie-security version causes xpdf segfault

2019-10-18 Thread Mark Hindley
On Fri, Oct 18, 2019 at 04:37:00PM +1100, Brian May wrote:
> Mark Hindley  writes:
> 
> > Since this upload was an LTS NMU, I should have copied you in.
> 
> Thanks for the report. It looks like the fix for CVE-2019-10871 might be
> broken, and I might have to revert this change.

Thanks.

Confirm fixed with +deb8u13.

Mark



Bug#942503: libpoppler46: New jessie-security version causes xpdf segfault

2019-10-17 Thread Brian May
Mark Hindley  writes:

> Since this upload was an LTS NMU, I should have copied you in.

Thanks for the report. It looks like the fix for CVE-2019-10871 might be
broken, and I might have to revert this change.
-- 
Brian May 



Bug#942503: libpoppler46: New jessie-security version causes xpdf segfault

2019-10-17 Thread Mark Hindley
Package: libpoppler46
Version: 0.26.5-2+deb8u12
Severity: grave
Justification: renders package unusable

Dear Maintainer,

I have just upgraded to libpoppler46 version 0.26.5-2+deb8u12 (from +deb8u11)
which has just appeared in jessie-security.

The new version causes xpdf to segfault.

Starting program: /usr/bin/xpdf.real
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
0x555695e3 in ?? ()
(gdb) bt
#0  0x555695e3 in ?? ()
#1  0x55565912 in ?? ()
#2  0x55565a2f in ?? ()
#3  0x55561da0 in ?? ()
#4  0x7757cfd3 in Gfx::go(bool) () from /usr/lib/x86_64-linux-gnu/libpoppler.so.46
#5  0x7757d1b8 in Gfx::display(Object*, bool) () from /usr/lib/x86_64-linux-gnu/libpoppler.so.46
#6  0x775c5605 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) () from /usr/lib/x86_64-linux-gnu/libpoppler.so.46
#7  0x555642bc in ?? ()
#8  0x55567b80 in ?? ()
#9  0x5556d011 in ?? ()
#10 0x55562175 in ?? ()
#11 0x555718e2 in ?? ()
#12 0x779b3ac3 in ?? () from /usr/lib/x86_64-linux-gnu/libXm.so.4
#13 0x779ebac1 in ?? () from /usr/lib/x86_64-linux-gnu/libXm.so.4
#14 0x779ec1e5 in ?? () from /usr/lib/x86_64-linux-gnu/libXm.so.4
#15 0x779bd15b in _XmDispatchGadgetInput () from /usr/lib/x86_64-linux-gnu/libXm.so.4
#16 0x77a6cdb2 in _XmGadgetActivate () from /usr/lib/x86_64-linux-gnu/libXm.so.4
#17 0x7724d855 in ?? () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#18 0x7724e7e2 in _XtTranslateEvent () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#19 0x772271bb in XtDispatchEventToWidget () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#20 0x7722787d in ?? () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#21 0x77227959 in XtDispatchEvent () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#22 0x77233527 in XtAppProcessEvent () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#23 0x77227d3d in XtAppMainLoop () from /usr/lib/x86_64-linux-gnu/libXt.so.6
#24 0x5556169d in ?? ()
#25 0x760f9b45 in __libc_start_main (main=0x555613c0, argc=1, argv=0x7fffdb98, init=, fini=, rtld_fini=, stack_end=0x7fffdb88) at libc-start.c:287
#26 0x55561bec in ?? ()

Downgrading to version 0.26.5-2+deb8u4 fixes the segfault.

Mark


-- System Information:
Debian Release: 8.11
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-10-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libpoppler46 depends on:
ii  libc6              2.19-18+deb8u10
ii  libfontconfig1     2.11.0-6.3+deb8u1
ii  libfreetype6       2.5.2-3+deb8u4
ii  libjpeg62-turbo    1:1.3.1-12+deb8u2
ii  liblcms2-2         2.6-3+deb8u2
ii  libopenjpeg5       1:1.5.2-3
ii  libpng12-0         1.2.50-2+deb8u3
ii  libstdc++6         4.9.2-10+deb8u2
ii  libtiff5           4.0.3-12.3+deb8u9
ii  multiarch-support  2.19-18+deb8u10

Versions of packages libpoppler46 recommends:
ii  poppler-data  0.4.7-1

libpoppler46 suggests no packages.

-- no debconf information