1
PublicDateAtUSN: 2013-02-28
2
Candidate: CVE-2013-1789
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1789
6
http://www.openwall.com/lists/oss-security/2013/02/28/4
7
http://www.openwall.com/lists/oss-security/2013/02/28/8
8
http://j00ru.vexillium.org/?p=1507
9
https://usn.ubuntu.com/usn/usn-1785-1
11
splash/Splash.cc in poppler before 0.22.1 allows context-dependent
12
attackers to cause a denial of service (NULL pointer dereference and crash)
13
via vectors related to the (1) Splash::arbitraryTransformMask, (2)
14
Splash::blitMask, and (3) Splash::scaleMaskYuXu functions.
17
mdeslaur> reproducers: 1031.pdf.asan.48.15, 1007.pdf.asan.48.4
19
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071
20
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1789
26
upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a205e71a2dbe0c8d4f4905a76a3f79ec522eacec
27
upstream: http://cgit.freedesktop.org/poppler/poppler/commit/?id=a9b8ab4657dec65b8b86c225d12c533ad7e984e2
28
upstream_poppler: released (0.22.1)
29
hardy_poppler: ignored (reached end-of-life)
30
lucid_poppler: released (0.12.4-0ubuntu5.3)
31
oneiric_poppler: released (0.16.7-2ubuntu2.1)
32
precise_poppler: released (0.18.4-1ubuntu3.1)
33
quantal_poppler: released (0.20.4-0ubuntu1.2)
34
devel_poppler: released (0.20.5-1ubuntu3)