Mandriva Linux Security Advisory : poppler (MDVSA-2009:068-1)
Medium Nessus Plugin ID 36675
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method (CVE-2009-0755).
A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict destructor when JBIG2Stream::readSymbolDictSeg method is used (CVE-2009-0756).
This update provides fixes for those vulnerabilities.
This update does not apply for CVE-2009-0755 under Corporate Server 4.0 libpoppler0-0.4.1-3.7.20060mlcs4.
The previous packages were not signed, this new update fixes that issue.
SolutionUpdate the affected packages.