[ALSA-2021:1881] Moderate: poppler and evince security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2021-08-11
Description:
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS) files, and, with additional back-ends, also the Device Independent File format (DVI) files. The following packages have been upgraded to a later upstream version: poppler (20.11.0). (BZ#1644423) Security Fix(es): * poppler: pdftohtml: access to uninitialized pointer could lead to DoS (CVE-2020-27778) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
i686 evince-devel-3.28.4-11.el8.i686.rpm 1d222d1be01bf9317e523117403202b00234658740fba21659327c29461c1523
i686 poppler-cpp-devel-20.11.0-2.el8.i686.rpm 36d63b4da09e453a4ff4431953511383ed89776d2efe7c492f7fdf9cf1b8587c
i686 poppler-qt5-devel-20.11.0-2.el8.i686.rpm 3eed8f4ea2934e836d454df14edfffe3a88b80ad82ceab0c91dbe3238ab7c574
i686 poppler-devel-20.11.0-2.el8.i686.rpm 4dc2ed376c4683f3db7ceabd6891967b431b85c6fe0e59cd247a8a79e72a6058
i686 poppler-cpp-20.11.0-2.el8.i686.rpm 4f827736c6542649e0d32c72b4b3b1b20785f20c80b2c11970ddc1201879a9d7
i686 poppler-qt5-20.11.0-2.el8.i686.rpm 9519555fbcc9f09f7b09ae45024fa7f5e63422d1005a2852030ec194acb7daaf
i686 poppler-glib-devel-20.11.0-2.el8.i686.rpm c0f0a993f0fbd34910daeb045a1af5e47284064d0bc40d19be18a98c045b9f92
x86_64 poppler-glib-devel-20.11.0-2.el8.x86_64.rpm 1e220521711b75e5955298b20334dbdf8a5bd74689b0cac0ae93c0c16556f072
x86_64 poppler-cpp-20.11.0-2.el8.x86_64.rpm 2c342a803a62a0aa9f7c8e17ef81211fc361c3514e9ae398465fd564623123e1
x86_64 poppler-qt5-20.11.0-2.el8.x86_64.rpm 6797fa284bc59d586493deeb6bb20bff3696573be51de5e55550e2b95c04cfcf
x86_64 poppler-qt5-devel-20.11.0-2.el8.x86_64.rpm 68a64663858701a736c4f81e0976c2b6e16bc26aaec05b78ba3fd90b316e6e85
x86_64 evince-devel-3.28.4-11.el8.x86_64.rpm 6bd29c996b184c6da0a634e1a5d270c7b0489ad6462a756893a3cc5cb1cc830e
x86_64 poppler-devel-20.11.0-2.el8.x86_64.rpm c16af004d62df5f8e7088ba1b82fd8823e162c9943a08ec5abc4ebfd170cc6bc
x86_64 poppler-cpp-devel-20.11.0-2.el8.x86_64.rpm f3ae108e6dec90fd7964335c43da2a4546ea5684a381da24b994981b716f7023
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.