Thread-safety bugs in package libpoppler-glib8

Bug #1857902 reported by Michal
Affects | Status | Importance | Assigned to | Milestone
poppler (Ubuntu) | Triaged | Low | Unassigned |

Bug Description

There are these bugs in libpoppler-glib8:

https://gitlab.freedesktop.org/poppler/poppler/issues/845
https://gitlab.freedesktop.org/poppler/poppler/issues/846

The first is about sharing cairo_font_face_t instances across multiple threads, which is not thread-safe. The second is about accessing a global linked-list struct without a proper synchronisation mechanism.

Due to these two bugs, poppler+cairo cannot be used for rendering multiple documents in multiple threads.

The second may potentially be a security vulnerability for applications that use poppler+cairo in multiple threads, due to writes to a potentially uninitialised pointer.

I noticed that the poppler source package contains a lot of patches from Ubuntu updates. Would it be possible to add a patch for this problem to the Ubuntu (and also Debian) updates?

Tags: patch
Michal (misosud) wrote :
Seth Arnold (seth-arnold) wrote :

Hello, I don't see much progress on the upstream bugs; do you know if progress has been reported elsewhere?

Thanks

information type: Private Security → Public Security
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "460.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Changed in poppler (Ubuntu):
importance: Undecided → Low
status: New → Triaged
Michal (misosud) wrote :
This report contains Public Security information  
Everyone can see this security related information.