Oval Definition:oval:com.redhat.rhsa:def:20091504
Revision Date:2009-10-15Version:640
Title:RHSA-2009:1504: poppler security and bug fix update (Important)
Description:Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

  • Multiple integer overflow flaws were found in poppler. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code when opened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)

    Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608 issue.

  • This update also corrects a regression introduced in the previous poppler security update, RHSA-2009:0480, that prevented poppler from rendering certain PDF documents correctly. (BZ#528147)

    Users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-3603
    CVE-2009-3608
    CVE-2009-3609
    RHSA-2009:1504
    RHSA-2009:1504-01
    RHSA-2009:1504-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • poppler is earlier than 0:0.5.4-4.4.el5_4.11
  • AND poppler is signed with Red Hat redhatrelease2 key
  • poppler-devel is earlier than 0:0.5.4-4.4.el5_4.11
  • AND poppler-devel is signed with Red Hat redhatrelease2 key
  • poppler-utils is earlier than 0:0.5.4-4.4.el5_4.11
  • AND poppler-utils is signed with Red Hat redhatrelease2 key
    • BACK