Bugtraq mailing list archives
rPSA-2008-0223-1 poppler
From: rPath Update Announcements <announce-noreply () rpath com>
Date: Wed, 09 Jul 2008 18:18:44 -0400
rPath Security Advisory: 2008-0223-1 Published: 2008-07-09 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: poppler=conary.rpath.com@rpl:2/0.6.2-2-0.1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2649 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 http://www.ocert.org/advisories/ocert-2008-007.html Description: Previous versions of the poppler package contain a memory-management bug that may allow user-assisted attackers to execute arbitrary code using maliciously crafted PDF files. Note that applications linked against libpoppler may also be affected by this vulnerability, and will be fixed by this update. http://wiki.rpath.com/Advisories:rPSA-2008-0223 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
Current thread:
- rPSA-2008-0223-1 poppler rPath Update Announcements (Jul 10)