USN-3837-1

Source
https://ubuntu.com/security/notices/USN-3837-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3837-1.json
Related
Published
2018-12-04T11:47:21.130868Z
Modified
2018-12-04T11:47:21.130868Z
Summary
poppler vulnerabilities
Details

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060)

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-19149)

References

Affected packages

Ubuntu:14.04:LTS / poppler

Package

Name
poppler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.24.5-2ubuntu4.13

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libpoppler44": "0.24.5-2ubuntu4.13",
            "libpoppler-qt5-1": "0.24.5-2ubuntu4.13",
            "libpoppler-glib-doc": "0.24.5-2ubuntu4.13",
            "libpoppler-qt5-dev": "0.24.5-2ubuntu4.13",
            "libpoppler-cpp-dev": "0.24.5-2ubuntu4.13",
            "libpoppler-qt4-4": "0.24.5-2ubuntu4.13",
            "libpoppler-glib8": "0.24.5-2ubuntu4.13",
            "libpoppler-glib-dev": "0.24.5-2ubuntu4.13",
            "libpoppler-qt4-dev": "0.24.5-2ubuntu4.13",
            "libpoppler-cpp0": "0.24.5-2ubuntu4.13",
            "gir1.2-poppler-0.18": "0.24.5-2ubuntu4.13",
            "libpoppler-private-dev": "0.24.5-2ubuntu4.13",
            "libpoppler-dev": "0.24.5-2ubuntu4.13",
            "poppler-utils": "0.24.5-2ubuntu4.13"
        }
    ]
}

Ubuntu:18.04:LTS / poppler

Package

Name
poppler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.62.0-2ubuntu2.4

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "gir1.2-poppler-0.18": "0.62.0-2ubuntu2.4",
            "libpoppler-qt5-1": "0.62.0-2ubuntu2.4",
            "libpoppler-glib-doc": "0.62.0-2ubuntu2.4",
            "libpoppler73": "0.62.0-2ubuntu2.4",
            "libpoppler-cpp-dev": "0.62.0-2ubuntu2.4",
            "libpoppler-private-dev": "0.62.0-2ubuntu2.4",
            "libpoppler-cpp0v5": "0.62.0-2ubuntu2.4",
            "libpoppler-dev": "0.62.0-2ubuntu2.4",
            "libpoppler-glib8": "0.62.0-2ubuntu2.4",
            "libpoppler-glib-dev": "0.62.0-2ubuntu2.4",
            "libpoppler-qt5-dev": "0.62.0-2ubuntu2.4",
            "poppler-utils": "0.62.0-2ubuntu2.4"
        }
    ]
}

Ubuntu:16.04:LTS / poppler

Package

Name
poppler

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.41.0-0ubuntu1.9

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "libpoppler-qt5-1": "0.41.0-0ubuntu1.9",
            "libpoppler-glib-doc": "0.41.0-0ubuntu1.9",
            "libpoppler-qt5-dev": "0.41.0-0ubuntu1.9",
            "libpoppler-cpp-dev": "0.41.0-0ubuntu1.9",
            "libpoppler-qt4-4": "0.41.0-0ubuntu1.9",
            "libpoppler-glib8": "0.41.0-0ubuntu1.9",
            "libpoppler-glib-dev": "0.41.0-0ubuntu1.9",
            "libpoppler-qt4-dev": "0.41.0-0ubuntu1.9",
            "libpoppler-cpp0": "0.41.0-0ubuntu1.9",
            "libpoppler58": "0.41.0-0ubuntu1.9",
            "gir1.2-poppler-0.18": "0.41.0-0ubuntu1.9",
            "libpoppler-private-dev": "0.41.0-0ubuntu1.9",
            "libpoppler-dev": "0.41.0-0ubuntu1.9",
            "poppler-utils": "0.41.0-0ubuntu1.9"
        }
    ]
}