I am getting reproducible crashes after update from poppler 0.62.0-2ubuntu2.2 to poppler 0.62.0-2ubuntu2.4
Test PDF file attached. Crashed experiences since following upgrades: libpoppler-cpp-dev (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler-cpp0v5 (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler-dev (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler-glib8 (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler-private-dev (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler-qt5-1 (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 libpoppler73 (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 poppler-utils (0.62.0-2ubuntu2.2) to 0.62.0-2ubuntu2.4 Reverting to previous versions fixes the crashes. System: 18.04.1 LTS bionic (32 bit) Linux 4.15.0-42-generic #45-Ubuntu SMP Thu Nov 15 19:32:10 UTC 2018 i686 i686 i686 GNU/Linux PC gdb trace: Starting program: /usr/bin/evince Bureau/evince/test_CGV_FORFAIT_hors_opt_20170308.pdf [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". [New Thread 0xb5b82b40 (LWP 6602)] [New Thread 0xb51ffb40 (LWP 6603)] [New Thread 0xb47ffb40 (LWP 6604)] warning: Error reading shared library list entry at 0x6840 warning: Error reading shared library list entry at 0x5a60 [New Thread 0xb3c77b40 (LWP 6608)] warning: Error reading shared library list entry at 0x75e0 [New Thread 0xb1356b40 (LWP 6609)] warning: Error reading shared library list entry at 0x5130 warning: Error reading shared library list entry at 0xffff97b0 Thread 6 "EvJobScheduler" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb1356b40 (LWP 6609)] 0xb096a379 in Parser::makeStream(Object&&, unsigned char*, CryptAlgorithm, int, int, int, int, bool) () from /usr/lib/i386-linux-gnu/libpoppler.so.73 ** Attachment added: "With poppler 0.62.0-2ubuntu2.4, evince and other PDF readers will immediately crash on my system" https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1803059/+attachment/5220277/+files/test_CGV_FORFAIT_hors_opt_20170308.pdf -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1803059 Title: Nullpointer dereference Status in poppler package in Ubuntu: Fix Committed Status in poppler source package in Bionic: Fix Released Status in poppler source package in Cosmic: Fix Released Bug description: * Impact Evince segfaults on some pdf documents * Test case Download and try to open https://bugs.freedesktop.org/attachment.cgi?id=138927 with evince, it shouldn't segfault * Regression potential Nothing special to test, make sure evince still opens pdfs without issue ----------------------------- System Info: Linux zero 4.15.0-38-generic #41-Ubuntu SMP Wed Oct 10 10:59:38 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux Evince version: GNOME Document Viewer 3.28.4 While fuzzing evince v3.28.4, on linux 4.15.0-38-generic (Ubuntu 18.04 LTS), a null-pointer dereference was observed, initially this was reported to evince but the evince team advised that the issue is in poppler, the library used by evince to render PDF, poppler version: 0.62.0-2ubuntu2.2 is vulnerable to null-pointer dereference, however the issue is already fixed in poppler 0.70, but this will still crash your evince v3.28.4 in ubuntu if poppler is not updated to v.0.70. Fuzzing result showing a very important vulnerability in a package currently shipped by a major Linux distribution is still of interest, even if that Linux distribution does not package the latest released upstream version. I think Ubuntu is still using, Source: poppler Version: 0.62.0-2ubuntu2.2 So, most of the systems will be affected to this issue. Upstream: https://gitlab.freedesktop.org/poppler/poppler/issues/664 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1803059/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp