1
poppler (0.4.2-1ubuntu5) dapper; urgency=low
3
* debian/patches/04_CVE-2005-3191_2_3.patch:
4
- poppler/Stream.cc, StreamPredictor::StreamPredictor(): Check for
5
(nVals * nBits) + 7 overflow, too.
7
-- Martin Pitt <martin.pitt@ubuntu.com> Mon, 12 Dec 2005 10:58:32 +0100
9
poppler (0.4.2-1ubuntu4) dapper; urgency=low
11
* debian/patches/04_CVE-2005-3191_2_3.patch:
12
- Change upstream patch for StreamPredictor::StreamPredictor() and
13
JPXStream::readCodestream() checks to use division instead of
14
multplication, which is undefined on overflow.
16
-- Martin Pitt <martin.pitt@ubuntu.com> Fri, 9 Dec 2005 17:38:56 +0100
18
poppler (0.4.2-1ubuntu3) dapper; urgency=low
20
* debian/patches/04_CVE-2005-3191_2_3.patch: Also check numComps overflow in
21
DCTStream::readScanInfo().
23
-- Martin Pitt <martin.pitt@ubuntu.com> Fri, 9 Dec 2005 11:10:49 +0100
25
poppler (0.4.2-1ubuntu2) dapper; urgency=low
1
poppler (0.4.3-1) unstable; urgency=high
3
* New upstream release.
4
* New maintainer (Closes: #344738)
5
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
6
* Fixed some rendering bugs and disabled Cairo output
7
(Closes: #314556, #322964, #328211)
8
* Acknowledge NMU (Closes: #342288)
9
* Add 001-selection-crash-bug.patch (Closes: #330544)
10
* Add poppler-utils (merge patch from Ubuntu)
12
-- Ondřej Surý <ondrej@sury.org> Fri, 30 Dec 2005 11:34:07 +0100
14
poppler (0.4.2-1.1) unstable; urgency=high
27
16
* SECURITY UPDATE: Multiple integer/buffer overflows.
28
* Add debian/patches/04_CVE-2005-3191_2_3.patch:
29
* poppler/Stream.cc, DCTStream::readBaselineSOF():
18
* NMU to fix RC security bug (closes: #342288)
19
* Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
20
thanks to Martin Pitt:
21
* poppler/Stream.cc, DCTStream::readBaselineSOF(),
22
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
30
23
- Check numComps for invalid values.
31
24
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
33
* poppler/Stream.cc, DCTStream::DCTStream::readProgressiveSOF():
34
- Check numComps for invalid values.
35
- http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
37
26
* poppler/Stream.cc, StreamPredictor::StreamPredictor():
38
27
- Check rowBytes for invalid values.
39
28
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
43
32
- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
46
-- Martin Pitt <martin.pitt@ubuntu.com> Thu, 8 Dec 2005 13:10:21 +0100
48
poppler (0.4.2-1ubuntu1) dapper; urgency=low
51
* Build pdftohtml from the poppler source, simple port of the xpdf-2.0 based
52
pdftohtml-0.36 version, including Debian patches:
53
- Patch to make pdftothtml generate output in the current working
54
directory, instead of in whatever directory contains the pdf-file
57
- list the poppler-utils package.
59
* debian/libpoppler-dev.install, debian/rules:
61
* debian/patches/03_printing.patch:
62
- patch to fix the printing of pdf with non-ascii chars (Ubuntu: #15848).
64
-- Sebastien Bacher <seb128@canonical.com> Thu, 1 Dec 2005 16:20:02 +0100
35
-- Frank Küster <frank@debian.org> Fri, 23 Dec 2005 16:36:30 +0100
66
37
poppler (0.4.2-1) unstable; urgency=low