Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
poppler security fix version 0.5.4-4.4.el5_3.9 makes evince incapable in showing pdf documents generated by Xerox WorkCentre scanner. previous version of poppler could show documents just fine. Please fix this regression. btw. fc10 poppler can handle these same files just fine.
Created attachment 344803 [details] Sample pdf generated by xerox workcentre
Created attachment 357677 [details] more work done to the segment dict
Im thinking the CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.patch was incomplete and I have created an additional patch based off poppler-0.5.4-8 in order to fix this bug. Thanks, Adam
Your additional patch doesn't apply rhel-5.3 poppler so I couldn't test it.
If I got you some test packages would you be willing to test it? Thanks, Adam
Yes, of course. That's why I commented.
Tuomo, Here you go: http://astokes.fedorapeople.org/rhbz501716/ I've provided the srpm as well if you wish to make anymore modifications to the patch or if you need to build for another arch. Thanks, Adam
Seems like test packages really do fix this issue. I was able to open my scanned documents without problems.
Sounds good, I'll be in contact with the engineer to get this properly ack'd so it can make it into an update. Thanks, Adam
Marek, since you did the last few updates, can you look into this?
Created attachment 361622 [details] a patch fixing reading of arithmetically encoded JBIG2 images with unknown length The problem here is that poppler doesn't read arithmetically encoded JBIG2 images correctly. The pdf has generic region segment with length 0xffffffff which signals that actual length is not known and that there is a termination sequence at the end of the segment + 4 bytes long row count. The row count is not read as a part of this segment and poppler handles these 4 bytes as a beginning of a new segment. But the new segment has only 4 bytes, so, further reading raises EOF error. Attached patch fixes this. Marek
Marek, yes your fix seen to solve this problem. I applied that patch over latest rhel poppler and not it works for me.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0236.html