~ubuntu-branches/ubuntu/dapper/poppler/dapper-security

« back to all changes in this revision

Viewing changes to debian/changelog

Committer: Bazaar Package Importer
Author(s): Ondřej Surý
Date: 2005-12-30 11:34:07 UTC
mfrom: (1.1.1 upstream)
Revision ID: james.westby@ubuntu.com-20051230113407-8grizsk0ar874uoi

Tags: 0.4.3-1

http://bugs.debian.org/344738

http://bugs.debian.org/314556

http://bugs.debian.org/322964

http://bugs.debian.org/328211

http://bugs.debian.org/342288

http://bugs.debian.org/330544

* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
* Fixed some rendering bugs and disabled Cairo output
(Closes: #314556, #322964, #328211)
* Acknowledge NMU (Closes: #342288)
* Add 001-selection-crash-bug.patch (Closes: #330544)
* Add poppler-utils (merge patch from Ubuntu)

files added:
debian/patches/000_add-poppler-utils.patch

debian/patches/001-relibtoolize.patch

debian/patches/002-selection-crash-bug.patch

files removed:
debian/patches/01_CAN-2005-2097.patch

debian/patches/03_printing.patch

debian/patches/04_CVE-2005-3191_2_3.patch

poppler/pdftotext

utils

utils/GVector.h

utils/HtmlFonts.cc

utils/HtmlFonts.h

utils/HtmlLinks.cc

utils/HtmlLinks.h

utils/HtmlOutputDev.cc

utils/HtmlOutputDev.h

utils/ImageOutputDev.cc

utils/ImageOutputDev.h

utils/Makefile.am

utils/Makefile.in

utils/SplashOutputDev.cc

utils/SplashOutputDev.h

utils/parseargs.c

utils/parseargs.h

utils/pdffonts.1

utils/pdffonts.cc

utils/pdfimages.1

utils/pdfimages.cc

utils/pdfinfo.1

utils/pdfinfo.cc

utils/pdftohtml.1

utils/pdftohtml.cc

utils/pdftoppm.1

utils/pdftoppm.cc

utils/pdftops.1

utils/pdftops.cc

utils/pdftotext.1

utils/pdftotext.cc

files modified:
ChangeLog

INSTALL

Makefile.am

Makefile.in

NEWS

aclocal.m4

config.guess

config.sub

configure

configure.ac

debian/changelog

debian/control

debian/control.in

depcomp

fofi/FoFiTrueType.cc

glib/poppler-document.h

glib/poppler-page.cc

install-sh

ltmain.sh

missing

poppler/CairoOutputDev.cc

poppler/CairoOutputDev.h

poppler/JPXStream.cc

poppler/Makefile.am

poppler/Makefile.in

poppler/SplashOutputDev.cc

poppler/Stream.cc

poppler/Stream.h

poppler/TextOutputDev.cc

poppler/poppler-config.h

poppler/poppler-config.h.in

qt/Makefile.am

qt/Makefile.in

qt/poppler-qt.h

Show diffs side-by-side

added added

removed removed

debian/changelog

poppler (0.4.2-1ubuntu5) dapper; urgency=low

* debian/patches/04_CVE-2005-3191_2_3.patch:

- poppler/Stream.cc, StreamPredictor::StreamPredictor(): Check for

(nVals * nBits) + 7 overflow, too.

-- Martin Pitt <martin.pitt@ubuntu.com> Mon, 12 Dec 2005 10:58:32 +0100

poppler (0.4.2-1ubuntu4) dapper; urgency=low

* debian/patches/04_CVE-2005-3191_2_3.patch:

- Change upstream patch for StreamPredictor::StreamPredictor() and

JPXStream::readCodestream() checks to use division instead of

multplication, which is undefined on overflow.

-- Martin Pitt <martin.pitt@ubuntu.com> Fri, 9 Dec 2005 17:38:56 +0100

poppler (0.4.2-1ubuntu3) dapper; urgency=low

* debian/patches/04_CVE-2005-3191_2_3.patch: Also check numComps overflow in

DCTStream::readScanInfo().

-- Martin Pitt <martin.pitt@ubuntu.com> Fri, 9 Dec 2005 11:10:49 +0100

poppler (0.4.2-1ubuntu2) dapper; urgency=low

poppler (0.4.3-1) unstable; urgency=high

* New upstream release.

* New maintainer (Closes: #344738)

* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.

* Fixed some rendering bugs and disabled Cairo output

(Closes: #314556, #322964, #328211)

* Acknowledge NMU (Closes: #342288)

* Add 001-selection-crash-bug.patch (Closes: #330544)

* Add poppler-utils (merge patch from Ubuntu)

-- Ondřej Surý <ondrej@sury.org> Fri, 30 Dec 2005 11:34:07 +0100

poppler (0.4.2-1.1) unstable; urgency=high

* SECURITY UPDATE: Multiple integer/buffer overflows.

* Add debian/patches/04_CVE-2005-3191_2_3.patch:

* poppler/Stream.cc, DCTStream::readBaselineSOF():

* NMU to fix RC security bug (closes: #342288)

* Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,

thanks to Martin Pitt:

* poppler/Stream.cc, DCTStream::readBaselineSOF(),

DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():

- Check numComps for invalid values.

- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities

- CVE-2005-3191

* poppler/Stream.cc, DCTStream::DCTStream::readProgressiveSOF():

- Check numComps for invalid values.

- http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities

- CVE-2005-3191

* poppler/Stream.cc, StreamPredictor::StreamPredictor():

- Check rowBytes for invalid values.

- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities

- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities

- CVE-2005-3193

-- Martin Pitt <martin.pitt@ubuntu.com> Thu, 8 Dec 2005 13:10:21 +0100

poppler (0.4.2-1ubuntu1) dapper; urgency=low

* Sync with Debian.

* Build pdftohtml from the poppler source, simple port of the xpdf-2.0 based

pdftohtml-0.36 version, including Debian patches:

- Patch to make pdftothtml generate output in the current working

directory, instead of in whatever directory contains the pdf-file

being converted.

* debian/control.in:

- list the poppler-utils package.

- updated Depends.

* debian/libpoppler-dev.install, debian/rules:

- build with splash.

* debian/patches/03_printing.patch:

- patch to fix the printing of pdf with non-ascii chars (Ubuntu: #15848).

-- Sebastien Bacher <seb128@canonical.com> Thu, 1 Dec 2005 16:20:02 +0100

-- Frank Küster <frank@debian.org> Fri, 23 Dec 2005 16:36:30 +0100

poppler (0.4.2-1) unstable; urgency=low

Older »