USN-4042-1: poppler vulnerabilities

USN-4042-1: poppler vulnerabilities

poppler vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 19.04
• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS

Summary

Several security issues were fixed in poppler.

Software Description

• poppler – PDF rendering library

Details

It was discovered that poppler incorrectly handled certain files. If a user
or automated system were tricked into opening a crafted PDF file, an
attacker could cause a denial of service, or possibly execute arbitrary
code

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04

libpoppler85 – 0.74.0-0ubuntu1.2

poppler-utils – 0.74.0-0ubuntu1.2

Ubuntu 18.10

libpoppler79 – 0.68.0-0ubuntu1.7

poppler-utils – 0.68.0-0ubuntu1.7

Ubuntu 18.04 LTS

libpoppler73 – 0.62.0-2ubuntu2.9

poppler-utils – 0.62.0-2ubuntu2.9

Ubuntu 16.04 LTS

libpoppler58 – 0.41.0-0ubuntu1.14

poppler-utils – 0.41.0-0ubuntu1.14

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2017-9865
• CVE-2018-18897
• CVE-2018-20662
• CVE-2019-10018
• CVE-2019-10019
• CVE-2019-10021
• CVE-2019-10023
• CVE-2019-10872
• CVE-2019-10873
• CVE-2019-12293
• CVE-2019-9200
• CVE-2019-9631
• CVE-2019-9903

Source: USN-4042-1: poppler vulnerabilities