[ubuntu/artful-proposed] poppler 0.57.0-2ubuntu1 (Accepted)
Rico Tzschichholz
ricotz at ubuntu.com
Tue Sep 5 13:52:14 UTC 2017
poppler (0.57.0-2ubuntu1) artful; urgency=medium
* Merge from Debian unstable. Remaining changes:
- d/p/proper-init.patch: Fix thumbnailer crash
- d/rules: Use --enable-libopenjpeg=none, it's in universe
- debian/patches/CVE-2017-2820.patch: check for overflow in
poppler/JPXStream.cc.
- debian/patches/CVE-2017-9083.patch: check nComps in
poppler/JPXStream.cc.
poppler (0.57.0-2) unstable; urgency=medium
* debian/copyright: Add missing copyright holders. Closes: #872298.
* Upload to unstable.
poppler (0.57.0-1) experimental; urgency=medium
[ Pino Toscano ]
* Update Vcs-* fields.
* Add a lintian override for the "breaks-without-version xpdf-common" in
poppler-utils, as it is making sure to clean up xpdf-common for upgrades
to Buster.
[ Emilio Pozuelo Monfort ]
* New upstream release. Closes: #860955.
* Fixes:
CVE-2017-9406: memory leak parsing XRef entries. Closes: #864010.
CVE-2017-9408: memory leak in Object::initArray. Closes: #864009.
CVE-2017-9775: stack buffer overflow in GfxState.cc. Closes: #865680.
CVE-2017-9776: integer overflow leading to heap buffer overflow
in JBIG2Stream.cc. Closes: #865679.
CVE-2017-9865: stack buffer overflow in GfxImageColorMap::getGray.
Closes: #867477.
CVE-2017-7511: pdfunite denial of service due to null pointer
dereference. Closes: #863759.
CVE-2017-7515: crash in tools due to infinite recursion.
* debian/patches/upstream_pdfseparate-remove-extra-in-error-message.patch:
+ Dropped, fixed upstream.
* Update symbols files.
* libpoppler64 -> libpoppler68.
* Re-enable PIE. Looks like Qt5 got fixed.
* Bump debhelper compat to 10.
+ debhelper now defaults to --with autoreconf.
+ It also defaults to --parallel.
* Switch to -dbgsym packages.
* Set the team as maintainer.
* Add myself to uploaders.
Date: Tue, 05 Sep 2017 15:42:45 +0200
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: LocutusOfBorg <costamagnagianfranco at yahoo.it>
https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 05 Sep 2017 15:42:45 +0200
Source: poppler
Binary: libpoppler68 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils
Architecture: source
Version: 0.57.0-2ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Description:
gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
libpoppler-dev - PDF rendering library -- development files
libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
libpoppler-glib8 - PDF rendering library (GLib-based shared library)
libpoppler-private-dev - PDF rendering library -- private development files
libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
libpoppler68 - PDF rendering library
poppler-utils - PDF utilities (based on Poppler)
Closes: 860955 863759 864009 864010 865679 865680 867477 872298
Changes:
poppler (0.57.0-2ubuntu1) artful; urgency=medium
.
* Merge from Debian unstable. Remaining changes:
- d/p/proper-init.patch: Fix thumbnailer crash
- d/rules: Use --enable-libopenjpeg=none, it's in universe
- debian/patches/CVE-2017-2820.patch: check for overflow in
poppler/JPXStream.cc.
- debian/patches/CVE-2017-9083.patch: check nComps in
poppler/JPXStream.cc.
.
poppler (0.57.0-2) unstable; urgency=medium
.
* debian/copyright: Add missing copyright holders. Closes: #872298.
* Upload to unstable.
.
poppler (0.57.0-1) experimental; urgency=medium
.
[ Pino Toscano ]
* Update Vcs-* fields.
* Add a lintian override for the "breaks-without-version xpdf-common" in
poppler-utils, as it is making sure to clean up xpdf-common for upgrades
to Buster.
.
[ Emilio Pozuelo Monfort ]
* New upstream release. Closes: #860955.
* Fixes:
CVE-2017-9406: memory leak parsing XRef entries. Closes: #864010.
CVE-2017-9408: memory leak in Object::initArray. Closes: #864009.
CVE-2017-9775: stack buffer overflow in GfxState.cc. Closes: #865680.
CVE-2017-9776: integer overflow leading to heap buffer overflow
in JBIG2Stream.cc. Closes: #865679.
CVE-2017-9865: stack buffer overflow in GfxImageColorMap::getGray.
Closes: #867477.
CVE-2017-7511: pdfunite denial of service due to null pointer
dereference. Closes: #863759.
CVE-2017-7515: crash in tools due to infinite recursion.
* debian/patches/upstream_pdfseparate-remove-extra-in-error-message.patch:
+ Dropped, fixed upstream.
* Update symbols files.
* libpoppler64 -> libpoppler68.
* Re-enable PIE. Looks like Qt5 got fixed.
* Bump debhelper compat to 10.
+ debhelper now defaults to --with autoreconf.
+ It also defaults to --parallel.
* Switch to -dbgsym packages.
* Set the team as maintainer.
* Add myself to uploaders.
Checksums-Sha1:
60eadb217d92506dc82766ddaf85b4541bcfa44a 3494 poppler_0.57.0-2ubuntu1.dsc
d9deabe57a5e2f880150d8b8d26aeb8f34e1af46 33344 poppler_0.57.0-2ubuntu1.debian.tar.xz
Checksums-Sha256:
6bbd54197a8e3a70ce3fb1cc403703b8526ecc0004bcd1e94158f8bc99815841 3494 poppler_0.57.0-2ubuntu1.dsc
3689f4d875e19691f7c31023585c2588750760d75f16d693a6b86c856a4ec08c 33344 poppler_0.57.0-2ubuntu1.debian.tar.xz
Files:
90a793b2245ca26975eca31f1f56311e 3494 devel optional poppler_0.57.0-2ubuntu1.dsc
bcecdecf182fcc424fc2117f4c19fad7 33344 devel optional poppler_0.57.0-2ubuntu1.debian.tar.xz
Original-Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJZrqvJAAoJEPNPCXROn13ZYQ4P/0QUBPdT+zpGGh+LuJQoGSku
G2QmIX+htuLKIQj3HTY9MD332YagydWSbN8cZ4Hfx5OLi+qm8Za/zBknQ/Us7Omb
dBDImantk0vmBkxcXOmTwJ5uDSi57H1L/xQvKhSw0OIvaMVt0/9jcuxBUh1Oc1OH
DhtIA7A2SUaHLVARrkxXVX7Ca4B82p3gJxibjmLrOw4Rfj42TfhSifC5pmeLVVLU
XuMk9TXZ64OrooIQmzdHMbROCmhSXFj0XxfX/3KT5dlUWvCrudSqA7+pzj8N/Q+l
mlhqvedHmlt0A8tu9e0CWOiPnpxye6f97U/Qkdi1zVR1p4QVFpKS6LrYOJF7AaMs
/vle89K8aqs9nJmn0R8nc8EhGpU5B/MJiwfqDDv0RN/GTDZb2Hxw3p2NQu/snWsZ
iif2QBH1kvUESwNN18eooNtZy2np9gN/Q/WR2l6rLGY2C4BynwEygOKrgZpJHpUu
0N8y+Xf80pPwMXyvZ+yrNION4V0uNxg/3mnrgSHFkbHEnYTQRtNMGaP1Gcqt4DJN
czKEB4AmUN9/db0qllhywigUlVOggGCzHeviK25xN9B8f+US4cN05XjkeuYDsDCO
bvoTNQxp/QQXt3ypLA9/4F4RjKpW93ZeTogJFhnKTiyCXowyohvg5Vp4l5riclwj
il2kzXZycjrwbFKXUoMj
=cDF3
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list