Security update for podofo

Announcement ID: SUSE-SU-2018:2481-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2017-5852 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2017-5852 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-5853 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2017-5853 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2017-5854 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-5855 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-5886 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2017-6840 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-6844 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2017-6847 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-7378 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-7379 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-7380 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-7994 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-8054 ( SUSE ): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  • CVE-2017-8054 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2017-8787 ( SUSE ): 6.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  • CVE-2017-8787 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2018-5308 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2018-5308 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2018-8001 ( SUSE ): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  • CVE-2018-8001 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
  • Public Cloud Module 12
  • SUSE Enterprise Storage 4
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise High Performance Computing 12 SP3
  • SUSE Linux Enterprise High Performance Computing 12 SP4
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Server 12 SP1
  • SUSE Linux Enterprise Server 12 SP1 LTSS 12-SP1
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
  • SUSE Linux Enterprise Server 12 SP3
  • SUSE Linux Enterprise Server 12 SP4
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
  • SUSE OpenStack Cloud 7

An update that solves 16 vulnerabilities can now be installed.

Description:

This update for podofo fixes the following issues:

  • CVE-2017-5852: The PoDoFo::PdfPage::GetInheritedKeyFromObject function allowed remote attackers to cause a denial of service (infinite loop) via a crafted file (bsc#1023067).
  • CVE-2017-5853: Integer overflow allowed remote attackers to have unspecified impact via a crafted file (bsc#1023069).
  • CVE-2017-5854: Prevent NULL pointer dereference that allowed remote attackers to cause a denial of service via a crafted file (bsc#1023070).
  • CVE-2017-5855: The PoDoFo::PdfParser::ReadXRefSubsection function allowed remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file (bsc#1023071).
  • CVE-2017-5886: Prevent heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function that allowed remote attackers to have unspecified impact via a crafted file (bsc#1023380).
  • CVE-2017-6847: The PoDoFo::PdfVariant::DelayedLoad function allowed remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file (bsc#1027778).
  • CVE-2017-6844: Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function allowed remote attackers to have unspecified impact via a crafted file (bsc#1027782).
  • CVE-2017-6840: The ColorChanger::GetColorFromStack function allowed remote attackers to cause a denial of service (invalid read) via a crafted file (bsc#1027787).
  • CVE-2017-7378: The PoDoFo::PdfPainter::ExpandTabs function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document (bsc#1032017).
  • CVE-2017-7379: The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document (bsc#1032018).
  • CVE-2017-7380: Prevent NULL pointer dereference that allowed remote attackers to cause a denial of service via a crafted PDF document (bsc#1032019).
  • CVE-2017-7994: The function TextExtractor::ExtractText allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document (bsc#1035534).
  • CVE-2017-8054: The function PdfPagesTree::GetPageNodeFromArray allowed remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document (bsc#1035596).
  • CVE-2017-8787: The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file (bsc#1037739).
  • CVE-2018-5308: Properly validate memcpy arguments in the PdfMemoryOutputStream::Write function to prevent remote attackers from causing a denial-of-service or possibly have unspecified other impact via a crafted pdf file (bsc#1075772).
  • CVE-2018-8001: Prevent heap-based buffer over-read vulnerability in UnescapeName() that allowed remote attackers to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file (bsc#1084894).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE OpenStack Cloud 7
    zypper in -t patch SUSE-OpenStack-Cloud-7-2018-2481=1
  • Public Cloud Module 12
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-2481=1
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
    zypper in -t patch SUSE-SLE-POS-12-SP2-CLIENT-2018-2481=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
    zypper in -t patch SUSE-SLE-SAP-12-SP2-2018-2481=1
  • SUSE Linux Enterprise Server 12 SP1 LTSS 12-SP1
    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-2481=1
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-2481=1
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-ESPOS-2018-2481=1
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2018-2481=1
  • SUSE Linux Enterprise Server 12 SP3
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2481=1
  • SUSE Linux Enterprise High Performance Computing 12 SP3
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2481=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2481=1
  • SUSE Enterprise Storage 4
    zypper in -t patch SUSE-Storage-4-2018-2481=1

Package List:

  • SUSE OpenStack Cloud 7 (x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    • smt-ha-3.0.38-52.26.1
  • SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server 12 SP1 LTSS 12-SP1 (ppc64le s390x x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (ppc64le s390x x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server 12 SP3 (aarch64 ppc64le s390x x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise High Performance Computing 12 SP3 (aarch64 x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 (ppc64le x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1
  • SUSE Enterprise Storage 4 (x86_64)
    • smt-3.0.38-52.26.1
    • res-signingkeys-3.0.38-52.26.1
    • smt-debuginfo-3.0.38-52.26.1
    • smt-support-3.0.38-52.26.1
    • smt-debugsource-3.0.38-52.26.1

References: