rPath Security Advisory: 2008-0223-1 Published: 2008-07-09 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: poppler=conary.rpath.com@rpl:2/0.6.2-2-0.1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2649 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950 http://www.ocert.org/advisories/ocert-2008-007.html Description: Previous versions of the poppler package contain a memory-management bug that may allow user-assisted attackers to execute arbitrary code using maliciously crafted PDF files. Note that applications linked against libpoppler may also be affected by this vulnerability, and will be fixed by this update. http://wiki.rpath.com/Advisories:rPSA-2008-0223 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html