Oval Definition: oval:com.redhat.rhsa:def:20201074
Revision Date: 2020-03-31
Version: 637
Title: RHSA-2020:1074: poppler and evince security update (Moderate)
Description: Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

The evince packages provide a simple multi-page document viewer for Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS) files, and, with additional back-ends, also the Device Independent File format (DVI) files.

Security Fix(es):

  • poppler: integer overflow in Parser::makeStream in Parser.cc (CVE-2018-21009)

  • poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc (CVE-2019-10871)

  • poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc (CVE-2019-12293)

  • poppler: integer overflow in JPXStream::init function leading to memory consumption (CVE-2019-9959)

  • evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail() (CVE-2019-11459)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.

Family: unix
Class: patch
Status:
Reference(s):
  • CVE-2018-21009
  • CVE-2019-10871
  • CVE-2019-11459
  • CVE-2019-12293
  • CVE-2019-9959
  • RHSA-2020:1074
Platform(s): Red Hat Enterprise Linux 7
Product(s):

Definition Synopsis:
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • evince is earlier than 0:3.28.2-9.el7
  • AND evince is signed with Red Hat redhatrelease2 key
  • evince-browser-plugin is earlier than 0:3.28.2-9.el7
  • AND evince-browser-plugin is signed with Red Hat redhatrelease2 key
  • evince-devel is earlier than 0:3.28.2-9.el7
  • AND evince-devel is signed with Red Hat redhatrelease2 key
  • evince-dvi is earlier than 0:3.28.2-9.el7
  • AND evince-dvi is signed with Red Hat redhatrelease2 key
  • evince-libs is earlier than 0:3.28.2-9.el7
  • AND evince-libs is signed with Red Hat redhatrelease2 key
  • evince-nautilus is earlier than 0:3.28.2-9.el7
  • AND evince-nautilus is signed with Red Hat redhatrelease2 key
  • poppler is earlier than 0:0.26.5-42.el7
  • AND poppler is signed with Red Hat redhatrelease2 key
  • poppler-cpp is earlier than 0:0.26.5-42.el7
  • AND poppler-cpp is signed with Red Hat redhatrelease2 key
  • poppler-cpp-devel is earlier than 0:0.26.5-42.el7
  • AND poppler-cpp-devel is signed with Red Hat redhatrelease2 key
  • poppler-demos is earlier than 0:0.26.5-42.el7
  • AND poppler-demos is signed with Red Hat redhatrelease2 key
  • poppler-devel is earlier than 0:0.26.5-42.el7
  • AND poppler-devel is signed with Red Hat redhatrelease2 key
  • poppler-glib is earlier than 0:0.26.5-42.el7
  • AND poppler-glib is signed with Red Hat redhatrelease2 key
  • poppler-glib-devel is earlier than 0:0.26.5-42.el7
  • AND poppler-glib-devel is signed with Red Hat redhatrelease2 key
  • poppler-qt is earlier than 0:0.26.5-42.el7
  • AND poppler-qt is signed with Red Hat redhatrelease2 key
  • poppler-qt-devel is earlier than 0:0.26.5-42.el7
  • AND poppler-qt-devel is signed with Red Hat redhatrelease2 key
  • poppler-utils is earlier than 0:0.26.5-42.el7
  • AND poppler-utils is signed with Red Hat redhatrelease2 key