Felix Wilhelm discovered that Evince did not safely invoke tar when handling tar comic book (cbt) files. An attacker could use this to construct a malicious cbt comic book format file that, when opened in Evince, executes arbitrary code. Please note that this update disables support for cbt files in Evince.
{ "availability": "No subscription required", "binaries": [ { "evince-dbg": "3.10.3-0ubuntu10.3", "libevince-dev-dbgsym": "3.10.3-0ubuntu10.3", "libevince-dev": "3.10.3-0ubuntu10.3", "evince-gtk": "3.10.3-0ubuntu10.3", "evince-common": "3.10.3-0ubuntu10.3", "libevview3-3": "3.10.3-0ubuntu10.3", "gir1.2-evince-3.0": "3.10.3-0ubuntu10.3", "evince-dbgsym": "3.10.3-0ubuntu10.3", "evince": "3.10.3-0ubuntu10.3", "libevview3-3-dbgsym": "3.10.3-0ubuntu10.3", "gir1.2-evince-3.0-dbgsym": "3.10.3-0ubuntu10.3", "libevdocument3-4": "3.10.3-0ubuntu10.3", "libevdocument3-4-dbgsym": "3.10.3-0ubuntu10.3", "evince-gtk-dbgsym": "3.10.3-0ubuntu10.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "evince-dbg": "3.18.2-1ubuntu4.1", "evince-dbgsym": "3.18.2-1ubuntu4.1", "evince": "3.18.2-1ubuntu4.1", "evince-common": "3.18.2-1ubuntu4.1", "libevview3-3-dbgsym": "3.18.2-1ubuntu4.1", "libevince-dev": "3.18.2-1ubuntu4.1", "evince-gtk": "3.18.2-1ubuntu4.1", "gir1.2-evince-3.0": "3.18.2-1ubuntu4.1", "libevdocument3-4": "3.18.2-1ubuntu4.1", "libevdocument3-4-dbgsym": "3.18.2-1ubuntu4.1", "libevview3-3": "3.18.2-1ubuntu4.1" } ] }