[ubuntu/artful-proposed] poppler 0.48.0-2ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jul 17 11:57:14 UTC 2017
poppler (0.48.0-2ubuntu3) artful; urgency=medium
* SECURITY UPDATE: NULL pointer dereference in pdfunite
- debian/patches/CVE-2017-7511.patch: add extra checks to
utils/pdfunite.cc.
- CVE-2017-7511
* SECURITY UPDATE: uncontrolled recursion in pdfunite
- debian/patches/CVE-2017-7515.patch: fix recursion in
poppler/PDFDoc.cc, poppler/PDFDoc.h.
- CVE-2017-7515
* SECURITY UPDATE: NULL pointer dereference in JPXStream::readUByte
- debian/patches/CVE-2017-9083.patch: check nComps in
poppler/JPXStream.cc.
- CVE-2017-9083
* SECURITY UPDATE: memory leak in gmalloc
- debian/patches/CVE-2017-9406.patch: fix leak in poppler/XRef.cc.
- CVE-2017-9406
* SECURITY UPDATE: memory leak in Object::initArray
- debian/patches/CVE-2017-9408.patch: fix leak in poppler/XRef.cc.
- CVE-2017-9408
* SECURITY UPDATE: stack buffer overflow in GfxState.cc
- debian/patches/CVE-2017-9775.patch: add extra checks to
poppler/GfxState.cc.
- CVE-2017-9775
* SECURITY UPDATE: integer overflow in JPXStream::readTilePart
- debian/patches/CVE-2017-2820.patch: check for overflow in
poppler/JPXStream.cc.
- CVE-2017-2820
Date: Thu, 06 Jul 2017 08:52:45 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/poppler/0.48.0-2ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 06 Jul 2017 08:52:45 -0400
Source: poppler
Binary: libpoppler64 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils poppler-dbg
Architecture: source
Version: 0.48.0-2ubuntu3
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
libpoppler-dev - PDF rendering library -- development files
libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
libpoppler-glib8 - PDF rendering library (GLib-based shared library)
libpoppler-private-dev - PDF rendering library -- private development files
libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
libpoppler64 - PDF rendering library
poppler-dbg - PDF rendering library -- debugging symbols
poppler-utils - PDF utilities (based on Poppler)
Changes:
poppler (0.48.0-2ubuntu3) artful; urgency=medium
.
* SECURITY UPDATE: NULL pointer dereference in pdfunite
- debian/patches/CVE-2017-7511.patch: add extra checks to
utils/pdfunite.cc.
- CVE-2017-7511
* SECURITY UPDATE: uncontrolled recursion in pdfunite
- debian/patches/CVE-2017-7515.patch: fix recursion in
poppler/PDFDoc.cc, poppler/PDFDoc.h.
- CVE-2017-7515
* SECURITY UPDATE: NULL pointer dereference in JPXStream::readUByte
- debian/patches/CVE-2017-9083.patch: check nComps in
poppler/JPXStream.cc.
- CVE-2017-9083
* SECURITY UPDATE: memory leak in gmalloc
- debian/patches/CVE-2017-9406.patch: fix leak in poppler/XRef.cc.
- CVE-2017-9406
* SECURITY UPDATE: memory leak in Object::initArray
- debian/patches/CVE-2017-9408.patch: fix leak in poppler/XRef.cc.
- CVE-2017-9408
* SECURITY UPDATE: stack buffer overflow in GfxState.cc
- debian/patches/CVE-2017-9775.patch: add extra checks to
poppler/GfxState.cc.
- CVE-2017-9775
* SECURITY UPDATE: integer overflow in JPXStream::readTilePart
- debian/patches/CVE-2017-2820.patch: check for overflow in
poppler/JPXStream.cc.
- CVE-2017-2820
Checksums-Sha1:
09970f413013506983fc1ee895633055c8400a7e 3473 poppler_0.48.0-2ubuntu3.dsc
46825e501738bba9758326344fb1ef96d234232e 36532 poppler_0.48.0-2ubuntu3.debian.tar.xz
11bce96166b77ca3c5f32bdb91b34bf9c281fe98 15141 poppler_0.48.0-2ubuntu3_source.buildinfo
Checksums-Sha256:
9f244f33f3960b8ded37c2414269be8db230698cefdd8e4236775ffbb967f7ac 3473 poppler_0.48.0-2ubuntu3.dsc
ffa70518c9f3b6e49322ac30e3fbf5a921f7208418d8fa684e3d66b105501616 36532 poppler_0.48.0-2ubuntu3.debian.tar.xz
8007d5043243aa4a9a28896dc430323cbe1f901906c90ddf568f06f13b21f271 15141 poppler_0.48.0-2ubuntu3_source.buildinfo
Files:
1b36f066781866513d321506f7eab585 3473 devel optional poppler_0.48.0-2ubuntu3.dsc
d366a0545586413bac09c07f2539b63f 36532 devel optional poppler_0.48.0-2ubuntu3.debian.tar.xz
dd9ac2460b1ba6f026096efc3691218a 15141 devel optional poppler_0.48.0-2ubuntu3_source.buildinfo
Original-Maintainer: Loic Minier <lool at dooz.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZbJxaAAoJEGVp2FWnRL6TjkgP/3xNMY2wz+YBzhLFcI4htlDR
URsB4ejhi8GbcXuNAQK7zOGZaeUJ3tTnTkUMCwbZdeUNy3cNwW3eYxMhQGNmBXLI
yQSJjC7MyeDnsGkJJO8j46lqx4WmVv0O0/VprTjbfxiBQrhYicJffbJ0oQB9GoZO
0D9i9BjarKwkvDHVl3tGxcVUzEsyzk7Ov7l1xm1aLm/LA2XMxhXZvcVGqh9jTtDY
7MfqfMbXE7CmNWHVQXhxDE5HL0K79bxdvNsiNDniBQU3DaD5B6fAKigmZu/Vg0EH
VhcGi5oKBfRZ2Nu7FWR1iil91MWrbDSTLAwbY1c7mwtKW/WGaKQ9QJgvOHUQhB0G
PovuMbqXp4C3G6l/h/gUBdh7MSW6nB4OCR+1J0iWjetHCo1bIudJ5BihxsC2soUl
TWA/r4QxsOmCI53ryhkOpAZ7+oxXPCpBwUz2P5SxRscxiwr+ko4h037jLJPr3VrC
gC9ZM8sTOOgfqArmxs42/KwUWewPx6+5XYcg2CPvGTsfeoQDUj3nWNF3AIawFqDD
+xvVb6tKx5+yj5m0vfdxwOlzbQtR/JuTfUAWZYLQulasBXhJ888jYdRjSWZwWZ7R
gl7JbQeGaCpPbgYA07Pa9FgJdp8ljNpkAjLKlq2j5guKsa0wveDEkHZ8Y5qSFJrF
PEfsBMkLOvkEykZG3fnj
=JHPJ
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list