exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Linux Security Advisory 1480-1

Debian Linux Security Advisory 1480-1
Posted Feb 6, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1480-1 - Alin Rad Pop discovered several buffer overflows in the Poppler PDF library, which could allow the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | 351f35d4a89cf79f04f78425068edefe418915d70daa17fd52690d59d2bf1972

Debian Linux Security Advisory 1480-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1480-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 05, 2008 https://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : poppler
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2007-4352 CVE-2007-5392 CVE-2007-5393

Alin Rad Pop discovered several buffer overflows in the Poppler PDF
library, which could allow the execution of arbitrary code if a
malformed PDF file is opened.

For the stable distribution (etch), these problems have been fixed in
version 0.4.5-5.1etch2.

The old stable distribution (sarge) doesn't contain poppler.

We recommend that you upgrade your poppler packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

https://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch2.diff.gz
Size/MD5 checksum: 484246 62ac8891f912e0297dee3bc875497ef7
https://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch2.dsc
Size/MD5 checksum: 749 d12234813b844d590e151f454c7f26fb
https://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5.orig.tar.gz
Size/MD5 checksum: 783752 2bb1c75aa3f9c42f0ba48b5492e6d32c

alpha architecture (DEC Alpha)

https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 30374 498fdc2dcafa1368c76f22a26243bd18
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 42932 5c37d6c62ed141bb1ea227e8ed4a02ac
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 774474 25ee5518b1f66bdcab1276ae15104362
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 33862 97c425d38d2a52013ecb777323fedcbf
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 55184 6a8bc43d21cd7b053e4ff2e96039ecde
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 504400 1873e99c14b49a16a97fa1853840393c
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_alpha.deb
Size/MD5 checksum: 86262 6e9bb738236eb858aa379a011722df5e

amd64 architecture (AMD x86_64 (AMD64))

https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 456402 b149225663d59f2a71f959c54dc9980a
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 83490 503a5244ca6778e8934001fcb775863a
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 45932 a4f161401bfa3dd4179e1f06f26ea2fc
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 30518 caea56a87a7f3cbe810912043198944c
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 613524 9f60fe935bf1a0d39cb476306a1cd877
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 29574 765b2a6179f6de7bcd12577267f28bdc
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_amd64.deb
Size/MD5 checksum: 41628 d321bfeef8b4b1646ba1232c2b289e31

arm architecture (ARM)

https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 30290 ca3b42b4698fd95047d9d01da07c19f0
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 81660 b5ef96b6267053ef30530742cc7fc885
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 29290 cb56448209be77de26a8ae8370ade5e7
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 594802 ee6c3e505eca8dc598dc5128418d24c3
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 44606 44101c76d6b8148c26ad3e85dd72fe66
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 438018 eb2a802afd0da063c444c0cf2e4a1ed4
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_arm.deb
Size/MD5 checksum: 40054 a1c854be81c453ed1208c7f4f9c2f5eb

i386 architecture (Intel ia32)

https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 443352 016dd5a98a0eb335af593d1e51e081d5
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 29378 8d28f47566c6ea599a9d008280d13129
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 80798 8a05f82badaa6b3f69e86b5ec524b0fa
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 44140 e344517322685ec03e9368569b1040ee
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 40610 3a31076ff600ff771e68180074b46a21
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 30134 194fbfb244f877cd07b00bc5564a0a30
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_i386.deb
Size/MD5 checksum: 573836 dda4a5aa4e8c0c931bb456daf3e7e38d

ia64 architecture (Intel ia64)

https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 105174 4d21ca486d0dfb96ab111110aea18184
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 808710 fef48b747551e1f078e51a863db42d64
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 47680 6c2a9d463679be4d6738009e01d53229
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 33654 afe0b327c8cde6490cf3982450286911
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 54716 5aef6fdb1721fd392e7a5b694774fe3f
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 32070 d2981f21f801bd748cf0f429683de327
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_ia64.deb
Size/MD5 checksum: 613062 ddfb7f3ee5899b15576dccf1f7730af5

mips architecture (MIPS (Big Endian))

https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 31838 ee6109e671d1b520e4f0e139ce323d31
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 674630 ced70154cf0bf69de7e3f0682a26efe7
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 29444 80577ad366a7ff024f6bbcfe28e9423e
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 86570 95f59eddb01635867c47ebefdf53148f
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 457738 adb74127e8b2f75c08dc4d1140cfcf53
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 50162 a9a20c39b24ffb935dd5c95e58225250
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_mips.deb
Size/MD5 checksum: 41714 9eba45d7741fb6af5defe6cd13aa04b4

mipsel architecture (MIPS (Little Endian))

https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 32068 8f0e573a5d16b9c38647fd35af827f51
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 444286 1a9c45b8d5110116e7327379448cb5e5
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 49638 67f7ee08100eedef89ce6a10261e4cf3
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 29716 d1695e641ec7f2025aed5f3b3092f432
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 664980 b521ee4bdbc3f5c063522e14c93a49fb
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 41074 a4d66ed0588b10960fe40da8e2114aa9
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_mipsel.deb
Size/MD5 checksum: 86512 25a6b4c4a4a6b1bd8217c5cd7c824554

powerpc architecture (PowerPC)

https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 89176 40cc1c0ddbcb14c1bd88620e4427f2ad
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 43006 857e0d7a14ac3448d531a6e92badfaa7
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 651790 b85508f089275c45426271ab42af5852
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 31282 3b991e0a59044ad90bce84dab4a3c286
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 48000 0d4dcec8c85e63bf932cba1214e23e8a
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 472200 5f73beffafb62d0c609a1065e162dbaa
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_powerpc.deb
Size/MD5 checksum: 31310 689f8d2507230afdc69b2d967ce6dfc7

s390 architecture (IBM S/390)

https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 41554 d03144f78dde41a7eb0c33ee63436429
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 621764 ac5f100d5a18b4088a00503ad7d27347
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 30430 9f8575a73fa04ca2920ed97d3d30960f
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 46690 219c0e56d1ae87c01d984ddce2f576b1
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 29332 e34057f02956439dcd2c1643153a4320
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 80556 9bf0f20909214d5433c8b6986bd86813
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_s390.deb
Size/MD5 checksum: 453712 471ce86c951154e00d8e5c6e78170915

sparc architecture (Sun SPARC/UltraSPARC)

https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 444208 7108e0818b726a16e46d0fa8c41b3b9b
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 44412 7773d4a704d458419c50e49eb6c2148f
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 29146 9a3e1df71ee09b5b55703673153232c5
https://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 78156 63a833e7ebdb56c067e69aa1a3988ed1
https://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 40312 040a74fe179460b0b175e29bc0de26a6
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 583836 2e40b8be7ad912d86235bd6ff59aeb92
https://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_sparc.deb
Size/MD5 checksum: 30494 a17ba5f32a555022213133d909dc01aa


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and https://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHqJkNXm3vHE4uyloRAhQ8AJ9ulePBYeJ608Al2+w7dSywS5pu+ACfTVsN
QpjR1imAMhG+OyXuNysn60s=
=3NL+
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close