Bug 595245 (CVE-2010-3702)
Summary: | CVE-2010-3702 xpdf: uninitialized Gfx::parser pointer dereference | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Tomas Hoger <thoger> | ||||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||||
Severity: | high | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | unspecified | CC: | andreas.bierfert, mkasik, orion, rdieter, security-response-team, tcallawa, than, tremble, vdanen | ||||||||
Target Milestone: | --- | Keywords: | Security | ||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2017-09-15 16:48:21 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | 639826, 639827, 639828, 639829, 639830, 639831, 639832, 639833, 639834, 639835, 639836, 639837, 639838, 639839, 639840, 639841, 639842, 639859, 639860, 639861, 639868, 639875, 652108, 773177, 773178, 773180, 833917 | ||||||||||
Bug Blocks: | 638835 | ||||||||||
Attachments: |
|
Description
Tomas Hoger
2010-05-24 07:59:07 UTC
Created attachment 416048 [details]
Proposed patch
This makes sure that parser in initialized to NULL in Gfx constructors.
(In reply to comment #2) > Created attachment 416048 [details] > Proposed patch > > This makes sure that parser in initialized to NULL in Gfx constructors. Upstream came up with the identical fix to my proposal based on what seems to be an independent report from Joel Voss: http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf http://secunia.com/advisories/41596/ Created poppler tracking bugs for this issue Affects: fedora-all [bug 639861] This is likely to affect other applications that embed xpdf code, such as pdfedit and koffice 1.x. Official xpdf patch may appear later this week. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0749 https://rhn.redhat.com/errata/RHSA-2010-0749.html This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2010:0750 https://rhn.redhat.com/errata/RHSA-2010-0750.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0751 https://rhn.redhat.com/errata/RHSA-2010-0751.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0752 https://rhn.redhat.com/errata/RHSA-2010-0752.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0753 https://rhn.redhat.com/errata/RHSA-2010-0753.html This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2010:0754 https://rhn.redhat.com/errata/RHSA-2010-0754.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0755 https://rhn.redhat.com/errata/RHSA-2010-0755.html Created attachment 455425 [details]
xpdf-3.02pl5.patch
xpdf upstream patch - xpdf-3.02pl5.patch
Fixes the issue in the same way poppler patch does.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2010:0859 https://rhn.redhat.com/errata/RHSA-2010-0859.html Created attachment 605823 [details]
patch used for tetex
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2012:1201 https://rhn.redhat.com/errata/RHSA-2012-1201.html |