Fedora Linux 8804 Published by

An okular security update has been released for Fedora 31 that addresses an issue where Okular can be tricked into executing local binaries via specially crafted PDF files.



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-7036f54316
2020-03-24 01:48:02.704940
--------------------------------------------------------------------------------

Name : okular
Product : Fedora 31
Version : 19.12.3
Release : 2.fc31
URL :   https://www.kde.org/applications/graphics/okular/
Summary : A document viewer
Description :
A document viewer.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2020-9359
--------------------------------------------------------------------------------
ChangeLog:

* Sun Mar 22 2020 Rex Dieter - 19.12.3-2
- Security fix for CVE-2020-9359 (#1815651,1815652)
* Fri Mar 6 2020 Rex Dieter - 19.12.3-1
- 19.12.3
* Tue Feb 4 2020 Rex Dieter - 19.12.2-1
- 19.12.2
* Thu Jan 30 2020 Rex Dieter - 19.12.1-1
- 19.12.1
* Wed Jan 29 2020 Fedora Release Engineering - 19.08.3-3
- Rebuilt for   https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jan 17 2020 Marek Kasik - 19.08.3-2
- Rebuild for poppler-0.84.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1815651 - CVE-2020-9359 okular: local binary execution via specially crafted PDF files
  https://bugzilla.redhat.com/show_bug.cgi?id=1815651
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-7036f54316' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys