Bug 501716
Summary: | latest poppler security fix breaks compatibility with Xerox WorkCentre generated pdf documents | |
---|---|---|---
Product: | Red Hat Enterprise Linux 5 | Reporter: | Tuomo Soini <tis>
Component: | poppler | Assignee: | Marek Kašík <mkasik>
Status: | CLOSED ERRATA | QA Contact: | Desktop QE <desktop-qa-list>
Severity: | high | Docs Contact: |
Priority: | urgent | |
Version: | 5.3 | CC: | herrold, huzaifas, jplans, jrb, llim, tao, theo_nra, tpelka
Target Milestone: | rc | Keywords: | Regression, ZStream
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | | Doc Type: | Bug Fix
Doc Text: | | Story Points: | ---
Clone Of: | | |
: | 575136 | Environment: |
Last Closed: | 2012-02-21 06:11:18 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | | |
Bug Blocks: | 499522, 528146, 528147, 575136 | |
Attachments: | | |

Description
Tuomo Soini
2009-05-20 13:28:02 UTC
poppler security fix version 0.5.4-4.4.el5_3.9 makes evince incapable of showing pdf documents generated by Xerox WorkCentre scanner. Previous version of poppler could show documents just fine. Please fix this regression. btw. fc10 poppler can handle these same files just fine.

Created attachment 344803
Sample pdf generated by xerox workcentre

Created attachment 357677
more work done to the segment dict
I'm thinking the CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.patch was incomplete and I have created an additional patch based off poppler-0.5.4-8 in order to fix this bug.
Thanks,
Adam

Your additional patch doesn't apply to rhel-5.3 poppler so I couldn't test it.

If I got you some test packages would you be willing to test it?
Thanks,
Adam

Yes, of course. That's why I commented.

Tuomo,
Here you go: http://astokes.fedorapeople.org/rhbz501716/
I've provided the srpm as well if you wish to make any more modifications to the patch or if you need to build for another arch.
Thanks,
Adam

Seems like test packages really do fix this issue. I was able to open my scanned documents without problems.

Sounds good, I'll be in contact with the engineer to get this properly ack'd so it can make it into an update.
Thanks,
Adam

Marek, since you did the last few updates, can you look into this?

Created attachment 361622
a patch fixing reading of arithmetically encoded JBIG2 images with unknown length
The problem here is that poppler doesn't read arithmetically encoded JBIG2 images correctly. The pdf has a generic region segment with length 0xffffffff, which signals that the actual length is not known and that there is a termination sequence at the end of the segment plus a 4-byte row count. The row count is not read as a part of this segment, and poppler handles these 4 bytes as the beginning of a new segment. But the new segment has only 4 bytes, so further reading raises an EOF error.
Attached patch fixes this.
Marek
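
The length calculation described in the comment above, as an added example that is not part of the bug thread, the attached patch, or poppler's code. The field offsets and the `0xFF 0xAC` terminator for arithmetic coding come from the JBIG2 specification (ITU-T T.88) rather than from this page; the function name and the sample bytes are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Added example, not poppler code. Field layout and the 0xFF 0xAC terminator
// follow the JBIG2 specification (ITU-T T.88); the sample bytes are constructed.
static const uint32_t kUnknownLen = 0xffffffffu;

// Size in bytes of an immediate generic region segment's data part, or -1 if
// the buffer is truncated or unsupported. include_row_count=false reproduces
// the behaviour described in the bug: the segment "ends" at the terminator.
int64_t generic_region_data_len(const uint8_t *d, size_t avail, uint32_t declared,
                                bool include_row_count, uint32_t *row_count) {
    if (declared != kUnknownLen)
        return declared <= avail ? (int64_t)declared : -1;
    if (avail < 18) return -1;               // 17-byte region info + flags byte
    uint8_t flags = d[17];
    if (flags & 1) return -1;                // MMR coding: not handled here
    size_t at_bytes = ((flags >> 1) & 3) == 0 ? 8 : 2;  // adaptive template pixels
    for (size_t i = 18 + at_bytes; i + 1 < avail; i++) {
        if (d[i] != 0xff || d[i + 1] != 0xac) continue;
        size_t end = i + 2;                  // first byte after the terminator
        if (!include_row_count) return (int64_t)end;
        if (avail - end < 4) return -1;      // row count cut off: fail closed
        *row_count = (uint32_t)d[end] << 24 | (uint32_t)d[end + 1] << 16 |
                     (uint32_t)d[end + 2] << 8 | d[end + 3];
        return (int64_t)(end + 4);
    }
    return -1;                               // no terminator before end of data
}

// Constructed sample: data part of one segment, then the next segment's number.
static const uint8_t kSample[] = {
    0, 0, 0, 8,  0, 0, 0, 2,  0, 0, 0, 0,  0, 0, 0, 0,  0,  // region info
    0x00,                                            // arithmetic, template 0
    0x03, 0xff, 0xfd, 0xff, 0x02, 0xfe, 0xfe, 0xfe,  // AT pixel bytes
    0x12, 0x34, 0x56,                                // placeholder coded data
    0xff, 0xac,                                      // termination sequence
    0, 0, 0, 2,                                      // row count
    0, 0, 0, 1,                                      // next segment number
};

int main() {
    uint32_t rows = 0;
    long long bad = generic_region_data_len(kSample, sizeof kSample, kUnknownLen, false, &rows);
    long long good = generic_region_data_len(kSample, sizeof kSample, kUnknownLen, true, &rows);
    std::printf("next segment at: %lld without row count, %lld with (rows=%u)\n", bad, good, rows);
    return 0;
}
```

With the row count left out, the next segment header would be parsed starting at the row count bytes, which is the misalignment the comment describes.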

Marek, yes your fix seems to solve this problem. I applied that patch over latest rhel poppler and now it works for me.

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report.
http://rhn.redhat.com/errata/RHBA-2012-0236.html