oss-sec mailing list archives
Re: CVE Request: poppler 0.22.1 security fixes
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 27 Feb 2013 20:39:40 -0700
On 02/27/2013 06:24 AM, Marcus Meissner wrote:
> Hi,
>
> poppler 0.22.1 was released without much ado, it however contains various security fixes.
>
> The security fixes apparently come from AddressSanitizer work and fuzzing provided by the Google Security Team.
>
> The page: http://j00ru.vexillium.org/?p=1507 explains most of it, and while it focuses on Adobe Acrobat Reader, they also covered poppler testing inside.

Ok so these issues were found and processed by a team of people at Google (gratzi!) and Red Hat (booyah!) so for the purposes of CVE I'm considering the team to be a single team (which makes CVE assignment much easier =).

> So far I see:
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492
> Fix invalid memory access in 1150.pdf.asan.8.69
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888
> Fix invalid memory access in 2030.pdf.asan.69.463
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa
> Fix another invalid memory access in 1091.pdf.asan.72.42
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696
> Fix invalid memory accesses in 1091.pdf.asan.72.42
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959
> Fix invalid memory accesses in 1036.pdf.asan.23.17

Please use CVE-2013-1788 for these invalid memory issues.

> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2
> Fix crash in broken file 1031.pdf.asan.48.15
>
> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec
> Do not crash in broken documents like 1007.pdf.asan.48.4

Please use CVE-2013-1788 for these crash issues.

> http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91
> Initialize refLine totally
> Fixes uninitialized memory read in 1004.pdf.asan.7.3

Please use CVE-2013-1790 for this uninitialized memory read issue.

> As the blog page mentions "Huzaifa Sidhpurwala from RedHat Security", perhaps Red Hat has assigned CVEs already.

Nope, although hopefully in future we'll coordinate CVEs better beforehand.

> Otherwise one or more CVEs are required.

Yup.

> Ciao, Marcus
--
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993