- Committer: Bazaar Package Importer
- Author(s): Marc Deslauriers
- Date: 2009-10-20 09:23:31 UTC
- Revision ID: james.westby@ubuntu.com-20091020092331-0dw5epd0z2xy1rmg
- Tags: 0.8.7-1ubuntu0.4

* SECURITY UPDATE: denial of service or arbitrary code execution via
  unsafe malloc usage
  - debian/patches/65_security_CVE-2009-3605.patch: introduce gmallocn3
    in goo/gmem.{cc,h} and replace malloc calls with safe versions in
    glib/poppler-page.cc, poppler/{ArthurOutputDev,CairoOutputDev,
    GfxState,JBIG2Stream,PSOutputDev,SplashOutputDev}.cc,
    splash/{SplashBitmap,Splash,SplashFTFont}.cc.
  - CVE-2009-3605
* SECURITY UPDATE: denial of service via invalid Form Opt entry
  (LP: #321764)
  - debian/patches/66_security_CVE-2009-0755.patch: handle invalid Opt
    entry gracefully in poppler/Form.cc.
  - CVE-2009-0755
* SECURITY UPDATE: denial of service or arbitrary code execution via
  overflow in rowSize computation
  - debian/patches/67_security_CVE-2009-360x.patch: make sure width value
    is sane in splash/SplashBitmap.cc.
  - CVE-2009-3603
* SECURITY UPDATE: denial of service or arbitrary code execution via
  overflow in pixel buffer size calculation
  - debian/patches/67_security_CVE-2009-360x.patch: make sure yp value
    is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
  - CVE-2009-3604
* SECURITY UPDATE: denial of service or arbitrary code execution via
  overflow in object stream handling
  - debian/patches/67_security_CVE-2009-360x.patch: limit number of
    nObjects in poppler/XRef.cc.
  - CVE-2009-3608
* SECURITY UPDATE: denial of service or arbitrary code execution via
  integer overflow in ImageStream::ImageStream
  - debian/patches/67_security_CVE-2009-360x.patch: check size of width
    and nComps in poppler/Stream.cc.
  - CVE-2009-3609
* SECURITY UPDATE: denial of service or arbitrary code execution via
  overflow in create_surface_from_thumbnail_data
  - debian/patches/68_security_CVE-2009-3607.patch: eliminate g_malloc in
    glib/poppler-page.cc.
  - CVE-2009-3607