[ubuntu/artful-proposed] poppler 0.57.0-2ubuntu4 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Oct 10 18:08:58 UTC 2017
poppler (0.57.0-2ubuntu4) artful; urgency=medium
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
documents in splash/Splash.cc.
- CVE-2017-14518
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
srcWidth is less than 1 in splash/Splash.cc.
- CVE-2017-14520
* SECURITY UPDATE: Floating point exception in ImageStream
- debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
poppler/Stream.cc.
- CVE-2017-14617
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14926.patch: Fix crash on broken files
in poppler/Annot.cc.
- CVE-2017-14926
* SECURITY UPDATE: NULL pointer dereferencem
- debian/patches/CVE-2017-14927.patch: Fix crash in broken files in
poppler/SplashOutputDev.cc
- CVE-2017-14927
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14928.patch: Fix crash broken files
in poppler/Annot.cc.
- CVE-2017-14928
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2017-14929.patch: Fix infinite recursion
in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
- CVE-2017-14929
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14975
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2017-14976.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14976
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
fofi/FoFiTrueType.cc.
- CVE-2017-14977
Date: Thu, 05 Oct 2017 15:20:07 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu4
-------------- next part --------------
Format: 1.8
Date: Thu, 05 Oct 2017 15:20:07 -0300
Source: poppler
Binary: libpoppler68 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils
Architecture: source
Version: 0.57.0-2ubuntu4
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
libpoppler-dev - PDF rendering library -- development files
libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
libpoppler-glib8 - PDF rendering library (GLib-based shared library)
libpoppler-private-dev - PDF rendering library -- private development files
libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
libpoppler68 - PDF rendering library
poppler-utils - PDF utilities (based on Poppler)
Changes:
poppler (0.57.0-2ubuntu4) artful; urgency=medium
.
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
documents in splash/Splash.cc.
- CVE-2017-14518
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
srcWidth is less than 1 in splash/Splash.cc.
- CVE-2017-14520
* SECURITY UPDATE: Floating point exception in ImageStream
- debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
poppler/Stream.cc.
- CVE-2017-14617
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14926.patch: Fix crash on broken files
in poppler/Annot.cc.
- CVE-2017-14926
* SECURITY UPDATE: NULL pointer dereferencem
- debian/patches/CVE-2017-14927.patch: Fix crash in broken files in
poppler/SplashOutputDev.cc
- CVE-2017-14927
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14928.patch: Fix crash broken files
in poppler/Annot.cc.
- CVE-2017-14928
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2017-14929.patch: Fix infinite recursion
in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
- CVE-2017-14929
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14975
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2017-14976.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14976
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
fofi/FoFiTrueType.cc.
- CVE-2017-14977
Checksums-Sha1:
d7215683bb6f91a6dddbc0b9556adcd6d93777b1 3512 poppler_0.57.0-2ubuntu4.dsc
b3e7e928325bbd8fbb256be190e0e20f8a81d5d0 41492 poppler_0.57.0-2ubuntu4.debian.tar.xz
aa5c96b3b3d660469dc3bc714df45ed7b4b5a305 15309 poppler_0.57.0-2ubuntu4_source.buildinfo
Checksums-Sha256:
cb94ed0cd357607d03d3cb33e489bf9bd71b303388353be45344557abee25cbb 3512 poppler_0.57.0-2ubuntu4.dsc
25f16bb69c0f9a6021713be3ad2c373c07267beb9c7f3fdbd9c7d86b8fd6ccfc 41492 poppler_0.57.0-2ubuntu4.debian.tar.xz
6db936cee9c234974abada83c58b45ba2aa0b84751a10d9f9921a654c4ffe1cc 15309 poppler_0.57.0-2ubuntu4_source.buildinfo
Files:
8022b8c7868e0f5500b9b6bd2e8e05be 3512 devel optional poppler_0.57.0-2ubuntu4.dsc
3cc7e7a555b990ceb9b8e7a727ab6a93 41492 devel optional poppler_0.57.0-2ubuntu4.debian.tar.xz
0a6adf39fe5a74c46cafba8cca84e21e 15309 devel optional poppler_0.57.0-2ubuntu4_source.buildinfo
Original-Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers at lists.alioth.debian.org>
More information about the Artful-changes
mailing list