Forum: >>> Magnum BBS <<<

[SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilitie

From Moritz Muehlenhoff@1:229/2 to All on Tue Oct 12 21:40:02 2010

From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------ Debian Security Advisory DSA-2116-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 12, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2010-3702 CVE-2010-3704
Debian Bug : 599165

Joel Voss of Leviathan Security Group discovered two vulnerabilities in
the Poppler PDF rendering library, which may lead to the execution of
arbitrary code if a malformed PDF file is opened.

For the stable distribution (lenny), these problems have been fixed in
version 0.8.7-4.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your poppler packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7.orig.tar.gz
Size/MD5 checksum: 1469587 9af81429d6f8639c357a5eed25583365
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-4.diff.gz
Size/MD5 checksum: 23876 219c5db15e7e0ad3ce01c45b5d2d17b5
http://security.debian.org/pool/updates/main/p/poppler/poppler_0.8.7-4.dsc
Size/MD5 checksum: 1481 a2d28a0e06fd0b226e9e87d88aab52e8

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-4_alpha.deb
Size/MD5 checksum: 891456 eecf847b41f68e67cfa250c239ab95ff
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-4_alpha.deb
Size/MD5 checksum: 220410 cdc18593a727b1a80279ad941a929dee
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-4_alpha.deb
Size/MD5 checksum: 329946 83a82f4a995727adac2a9cbb19cd0705
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-4_alpha.deb
Size/MD5 checksum: 303118 8407f059f1395ad93f765cdcf70f6246
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-4_alpha.deb
Size/MD5 checksum: 180578 f625e16840c1262de1e33579bfff3e00
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-4_alpha.deb
Size/MD5 checksum: 197172 2573621fc79b03251735690bfd818f5e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-4_alpha.deb
Size/MD5 checksum: 1334994 5fbda5e9f2b3824d3d7ccbb1bcf000d0
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-4_alpha.deb
Size/MD5 checksum: 3204616 7c7c37da8b894e462b2758524365ca46
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-4_alpha.deb
Size/MD5 checksum: 234854 06e4977b32fb63577a918c110147e5f6
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-4_alpha.deb
Size/MD5 checksum: 452718 751233edf2ec85fd1e095893124f8909

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-4_amd64.deb
Size/MD5 checksum: 184848 ed2abc9b1edd4cde56eb40b9b775cf45
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.8.7-4_amd64.deb
Size/MD5 checksum: 1119492 16725109ae348df90c30896be4a0c5de
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-4_amd64.deb
Size/MD5 checksum: 232702 2e7740b7098cd91493f178745b966d4a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-4_amd64.deb
Size/MD5 checksum: 178414 497a3f7cbff9acdb0b01d58aae33415a
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-4_amd64.deb
Size/MD5 checksum: 358376 461a59da2c6b0c7531bba1a385f3607d
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-4_amd64.deb
Size/MD5 checksum: 275318 3c6b86fb8a57e9f17fbe058a36fa426e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-3_0.8.7-4_amd64.deb
Size/MD5 checksum: 314086 3381ccceeaa1d2727f331d92b59818dd
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-4_amd64.deb
Size/MD5 checksum: 3148992 c1f76eb6ca390ef674647dc5def03c40
http://security.debian.org/pool/updates/main/p/poppler/libpoppler3_0.8.7-4_amd64.deb
Size/MD5 checksum: 840444 bc302d9fba4a4469b0d1902f5bb9777e
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib3_0.8.7-4_amd64.deb
Size/MD5 checksum: 217654 7008780b0aea027507fb70fe7c55af15

arm architecture (ARM)

http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt4-dev_0.8.7-4_arm.deb
Size/MD5 checksum: 390130 993386a0e413c10df447dc83ccb3ca15
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.8.7-4_arm.deb
Size/MD5 checksum: 184796 2e3eeb3b7a744a268dad95cae33d6146
http://security.debian.org/pool/updates/main/p/poppler/poppler-dbg_0.8.7-4_arm.deb
Size/MD5 checksum: 3115978 784d8f1cef1f6536b979e6c52baedbd0
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt2_0.8.7-4_arm.deb
Size/MD5 checksum: 178194 8bc04420f3e45f0d9f0e2c70abe9f805
http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.8.7-4_arm.deb
Size/MD5 checksum: 226694 e9cad6f85ee41ad40d6cf5cd4accc5aa
http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.8.7-4_arm.deb

[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)

Who's Online
Recent Visitors
- Krenn
  Sat Jun 6 11:38:56 2026
  from Sydney, Nsw via Telnet
- Furryboy
  Sat Jun 6 10:56:29 2026
  from Romania, Galati via SSH
- Centurion
  Fri Jun 5 22:28:01 2026
  from Berea, Ohio via Telnet
- Ab Cadd
  Fri Jun 5 17:52:51 2026
  from Sheboygan, Wi via Telnet
- Gwylbert
  Fri Jun 5 06:28:52 2026
  from Sydney, Nsw via Telnet
- Centurion
  Thu Jun 4 23:42:23 2026
  from Berea, Ohio via Telnet
- Michal Wronka
  Thu Jun 4 23:19:58 2026
  from Wroclaw, Poland via Telnet
- Michal Wronka
  Thu Jun 4 23:17:20 2026
  from Wroclaw, Poland via SSH

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	715
Nodes:	16 (2 / 14)
Uptime:	146:00:20
Calls:	12,089
Calls today:	2
Files:	15,000
Messages:	6,517,500

[SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilitie

Who's Online

Recent Visitors

System Info