Download
| Alert*
oval:org.secpod.oval:def:501250
evince is installed oval:org.secpod.oval:def:1503333 Updated evince packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availab ... oval:org.secpod.oval:def:500122 Evince is a document viewer. An array index error was found in the DeVice Independent renderer"s PK and VF font file parsers. A DVI file that references a specially-crafted font file could, when opened, cause Evince to crash or, potentially, execute arbitrary code with the privileges of the user ru ... oval:org.secpod.oval:def:1800829 evince is installed oval:org.secpod.oval:def:1800828 The comic book backend in evince 3.24.0 is vulnerable to a commandinjection bug that can be used to execute arbitrary commands when a cbtfile is opened. oval:org.secpod.oval:def:89045033 This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code oval:org.secpod.oval:def:89044772 This update for evince fixes the following issues: Security issue fixed: - CVE-2017-1000083: Remove support for tar and tar-like commands in comics backend . oval:org.secpod.oval:def:89002264 This update for evince fixes the following issues: - CVE-2017-1000159: Command injection in evince via filename when printing to PDF could lead to command execution oval:org.secpod.oval:def:41288 evince is installed oval:org.secpod.oval:def:89044917 This update for evince fixes the following issue: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code . oval:org.secpod.oval:def:89002345 This update for evince provides the following fix: - CVE-2017-1000159: Prevent command line injections via filenames when printing to a file oval:org.secpod.oval:def:204606 The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File format files. Security Fix: * It was found that evince did not properly sanitize the command l ... oval:org.secpod.oval:def:66422 GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix: * evince: uninitialized memory use in function tiff_document_render and tiff_document_get_thumbnail * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd For more details about the security issue, includin ... oval:org.secpod.oval:def:70313 evince: Document viewer Evince could be made to expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:503605 Poppler is a Portable Document Format rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File ... oval:org.secpod.oval:def:89050613 This update for evince provides the following fixes: Security issue fixed: - CVE-2019-11459: Fixed an improper error handling in which could have led to use of unitialized use of memory . Other issue addressed: - Removed Supplements from psdocument package, so that it isn"t pulled in by default . oval:org.secpod.oval:def:116758 Evince is simple multi-page document viewer. It can display and print Portable Document Format , PostScript and Encapsulated PostScript files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks a ... oval:org.secpod.oval:def:205665 The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File format files. Poppler is a Portable Document Format rendering library, used by applications s ... oval:org.secpod.oval:def:504388 GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fix: * evince: uninitialized memory use in function tiff_document_render and tiff_document_get_thumbnail * gvfs: improper authorization in daemon/gvfsdaemon.c in gvfsd For more details about the security issue, includin ... oval:org.secpod.oval:def:112968 Evince is simple multi-page document viewer. It can display and print Portable Document Format , PostScript and Encapsulated PostScript files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks a ... oval:org.secpod.oval:def:112623 Evince is simple multi-page document viewer. It can display and print Portable Document Format , PostScript and Encapsulated PostScript files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks a ... oval:org.secpod.oval:def:112789 Evince is simple multi-page document viewer. It can display and print Portable Document Format , PostScript and Encapsulated PostScript files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks a ... oval:org.secpod.oval:def:502075 The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File format files. Security Fix: * It was found that evince did not properly sanitize the command l ... oval:org.secpod.oval:def:703917 evince: Document viewer Evince could be made to run programs if it printed a specially crafted file. oval:org.secpod.oval:def:51953 evince: Document viewer Evince could be made to run programs if it printed a specially crafted file. oval:org.secpod.oval:def:2001451 Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. oval:org.secpod.oval:def:1501979 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:113821 Evince is simple multi-page document viewer. It can display and print Portable Document Format , PostScript and Encapsulated PostScript files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks a ... oval:org.secpod.oval:def:51842 evince: Document viewer Evince could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703700 evince: Document viewer Evince could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:205288 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:503299 Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Security Fix: * poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc * poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc * poppler: infinite recursi ... oval:org.secpod.oval:def:1504532 accountsservice [0.6.50-8] - Dont set HasNoUsers=true if realmd has providers Related: #1750516 appstream-data [8-20191129] - Regenerate the RHEL metadata to include the latest evince changes - Resolves: #1768461 clutter [1.26.2-8] - rebuild to get the new in 8.2.0 - plus address #1785233 evince [3. ... oval:org.secpod.oval:def:4501262 Poppler is a Portable Document Format rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File ... oval:org.secpod.oval:def:2500308 Poppler is a Portable Document Format rendering library, used by applications such as Evince. oval:org.secpod.oval:def:205483 Poppler is a Portable Document Format rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File ... oval:org.secpod.oval:def:73621 Poppler is a Portable Document Format rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format , PostScript , Encapsulated PostScript files, and, with additional back-ends, also the Device Independent File ... oval:org.secpod.oval:def:705817 evince: Document viewer Evince could be made to expose sensitive information if it received a specially crafted file. oval:org.secpod.oval:def:1504530 accountsservice [0.6.50-7] - Dont send change updates for login history changes Resolves: #1713080 appstream-data [8-20190805] - Regenerate the RHEL metadata to include the latest cockpit changes - Resolves: #1673011 [8-20190719] - Regenerate the RHEL metadata - Resolves: #1673011 [8-20180721] - Reg ... oval:org.secpod.oval:def:1504932 evince [3.28.4-11] - Add remaining translations of string "Reset form" - Resolves: #1896006 [3.28.4-10] - Add available translations of string "Reset form" - Resolves: #1896006 [3.28.4-9] - Ship evince-devel - Resolves: #1919423 [3.28.4-8] - Handle ResetForm action - Resolves: #1889793 poppler [20.1 ... oval:org.secpod.oval:def:89003341 This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory . - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c . oval:org.secpod.oval:def:69951 Several vulnerabilities were discovered in evince, a simple multi-page document viewer. CVE-2017-1000159 Tobias Mueller reported that the DVI exporter in evince is susceptible to a command injection vulnerability via specially crafted filenames. CVE-2019-11459 Andy Nguyen reported that the tiff_docu ... oval:org.secpod.oval:def:89003157 This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory . - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c . oval:org.secpod.oval:def:705080 evince: Document viewer Evince could be made to crash or run arbitrary code if it received a specially crafted PDF file. oval:org.secpod.oval:def:89050619 This update for evince fixes the following issues: - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c . |