USN-4646-2: poppler regression
26 November 2020
USN-4646-1 introduced a regression in poppler.
- poppler - PDF rendering library
USN-4646-1 fixed vulnerabilities in poppler. The fix for CVE-2019-10871
introduced a regression causing certain applications linked against poppler
to fail. This update backs out the fix pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Poppler incorrectly handled certain files. If a user
or automated system were tricked into opening a crafted PDF file, an
attacker could cause a denial of service.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.