[ubuntu/artful-proposed] poppler 0.57.0-2ubuntu4 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Tue Oct 10 18:08:58 UTC 2017 

poppler (0.57.0-2ubuntu4) artful; urgency=medium

  * SECURITY UPDATE: Floating point exception
    - debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
      documents in splash/Splash.cc.
    - CVE-2017-14518
  * SECURITY UPDATE: Floating point exception
    - debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
      srcWidth is less than 1 in splash/Splash.cc.
    - CVE-2017-14520
  * SECURITY UPDATE: Floating point exception in ImageStream
    - debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
      poppler/Stream.cc.
    - CVE-2017-14617
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14926.patch: Fix crash on broken files
      in poppler/Annot.cc.
    - CVE-2017-14926
  * SECURITY UPDATE: NULL pointer dereferencem
    - debian/patches/CVE-2017-14927.patch: Fix crash in broken files in
      poppler/SplashOutputDev.cc
    - CVE-2017-14927
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14928.patch: Fix crash broken files
      in poppler/Annot.cc.
    - CVE-2017-14928
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2017-14929.patch: Fix infinite recursion
      in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
    - CVE-2017-14929
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
      fofi/FoFiType1C.cc.
    - CVE-2017-14975
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2017-14976.patch: fix crash in convertToType0 in
      fofi/FoFiType1C.cc.
    - CVE-2017-14976
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
      fofi/FoFiTrueType.cc.
    - CVE-2017-14977

Date: Thu, 05 Oct 2017 15:20:07 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu4
-------------- next part --------------
Format: 1.8
Date: Thu, 05 Oct 2017 15:20:07 -0300
Source: poppler
Binary: libpoppler68 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils
Architecture: source
Version: 0.57.0-2ubuntu4
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
 libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
 libpoppler68 - PDF rendering library
 poppler-utils - PDF utilities (based on Poppler)
Changes:
 poppler (0.57.0-2ubuntu4) artful; urgency=medium
 .
   * SECURITY UPDATE: Floating point exception
     - debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
       documents in splash/Splash.cc.
     - CVE-2017-14518
   * SECURITY UPDATE: Floating point exception
     - debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
       srcWidth is less than 1 in splash/Splash.cc.
     - CVE-2017-14520
   * SECURITY UPDATE: Floating point exception in ImageStream
     - debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
       poppler/Stream.cc.
     - CVE-2017-14617
   * SECURITY UPDATE: NULL pointer dereference
     - debian/patches/CVE-2017-14926.patch: Fix crash on broken files
       in poppler/Annot.cc.
     - CVE-2017-14926
   * SECURITY UPDATE: NULL pointer dereferencem
     - debian/patches/CVE-2017-14927.patch: Fix crash in broken files in
       poppler/SplashOutputDev.cc
     - CVE-2017-14927
   * SECURITY UPDATE: NULL pointer dereference
     - debian/patches/CVE-2017-14928.patch: Fix crash broken files
       in poppler/Annot.cc.
     - CVE-2017-14928
   * SECURITY UPDATE: Memory corruption
     - debian/patches/CVE-2017-14929.patch: Fix infinite recursion
       in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
     - CVE-2017-14929
   * SECURITY UPDATE: NULL pointer dereference
     - debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
       fofi/FoFiType1C.cc.
     - CVE-2017-14975
   * SECURITY UPDATE: heap-based buffer over-read
     - debian/patches/CVE-2017-14976.patch: fix crash in convertToType0 in
       fofi/FoFiType1C.cc.
     - CVE-2017-14976
   * SECURITY UPDATE: NULL pointer dereference
     - debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
       fofi/FoFiTrueType.cc.
     - CVE-2017-14977
Checksums-Sha1:
 d7215683bb6f91a6dddbc0b9556adcd6d93777b1 3512 poppler_0.57.0-2ubuntu4.dsc
 b3e7e928325bbd8fbb256be190e0e20f8a81d5d0 41492 poppler_0.57.0-2ubuntu4.debian.tar.xz
 aa5c96b3b3d660469dc3bc714df45ed7b4b5a305 15309 poppler_0.57.0-2ubuntu4_source.buildinfo
Checksums-Sha256:
 cb94ed0cd357607d03d3cb33e489bf9bd71b303388353be45344557abee25cbb 3512 poppler_0.57.0-2ubuntu4.dsc
 25f16bb69c0f9a6021713be3ad2c373c07267beb9c7f3fdbd9c7d86b8fd6ccfc 41492 poppler_0.57.0-2ubuntu4.debian.tar.xz
 6db936cee9c234974abada83c58b45ba2aa0b84751a10d9f9921a654c4ffe1cc 15309 poppler_0.57.0-2ubuntu4_source.buildinfo
Files:
 8022b8c7868e0f5500b9b6bd2e8e05be 3512 devel optional poppler_0.57.0-2ubuntu4.dsc
 3cc7e7a555b990ceb9b8e7a727ab6a93 41492 devel optional poppler_0.57.0-2ubuntu4.debian.tar.xz
 0a6adf39fe5a74c46cafba8cca84e21e 15309 devel optional poppler_0.57.0-2ubuntu4_source.buildinfo
Original-Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers at lists.alioth.debian.org>

More information about the Artful-changes mailing list