[ubuntu/artful-proposed] poppler 0.57.0-2ubuntu1 (Accepted)

Rico Tzschichholz ricotz at ubuntu.com
Tue Sep 5 13:52:14 UTC 2017 

poppler (0.57.0-2ubuntu1) artful; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - d/p/proper-init.patch: Fix thumbnailer crash
    - d/rules: Use --enable-libopenjpeg=none, it's in universe
    - debian/patches/CVE-2017-2820.patch: check for overflow in
      poppler/JPXStream.cc.
    - debian/patches/CVE-2017-9083.patch: check nComps in
      poppler/JPXStream.cc.

poppler (0.57.0-2) unstable; urgency=medium

  * debian/copyright: Add missing copyright holders. Closes: #872298.
  * Upload to unstable.

poppler (0.57.0-1) experimental; urgency=medium

  [ Pino Toscano ]
  * Update Vcs-* fields.
  * Add a lintian override for the "breaks-without-version xpdf-common" in
    poppler-utils, as it is making sure to clean up xpdf-common for upgrades
    to Buster.

  [ Emilio Pozuelo Monfort ]
  * New upstream release. Closes: #860955.
  * Fixes:
    CVE-2017-9406: memory leak parsing XRef entries. Closes: #864010.
    CVE-2017-9408: memory leak in Object::initArray. Closes: #864009.
    CVE-2017-9775: stack buffer overflow in GfxState.cc. Closes: #865680.
    CVE-2017-9776: integer overflow leading to heap buffer overflow
    in JBIG2Stream.cc. Closes: #865679.
    CVE-2017-9865: stack buffer overflow in GfxImageColorMap::getGray.
    Closes: #867477.
    CVE-2017-7511: pdfunite denial of service due to null pointer
    dereference. Closes: #863759.
    CVE-2017-7515: crash in tools due to infinite recursion.
  * debian/patches/upstream_pdfseparate-remove-extra-in-error-message.patch:
    + Dropped, fixed upstream.
  * Update symbols files.
  * libpoppler64 -> libpoppler68.
  * Re-enable PIE. Looks like Qt5 got fixed.
  * Bump debhelper compat to 10.
    + debhelper now defaults to --with autoreconf.
    + It also defaults to --parallel.
  * Switch to -dbgsym packages.
  * Set the team as maintainer.
  * Add myself to uploaders.

Date: Tue, 05 Sep 2017 15:42:45 +0200
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: LocutusOfBorg <costamagnagianfranco at yahoo.it>
https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 05 Sep 2017 15:42:45 +0200
Source: poppler
Binary: libpoppler68 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils
Architecture: source
Version: 0.57.0-2ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Rico Tzschichholz <ricotz at ubuntu.com>
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
 libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
 libpoppler68 - PDF rendering library
 poppler-utils - PDF utilities (based on Poppler)
Closes: 860955 863759 864009 864010 865679 865680 867477 872298
Changes:
 poppler (0.57.0-2ubuntu1) artful; urgency=medium
 .
   * Merge from Debian unstable.  Remaining changes:
     - d/p/proper-init.patch: Fix thumbnailer crash
     - d/rules: Use --enable-libopenjpeg=none, it's in universe
     - debian/patches/CVE-2017-2820.patch: check for overflow in
       poppler/JPXStream.cc.
     - debian/patches/CVE-2017-9083.patch: check nComps in
       poppler/JPXStream.cc.
 .
 poppler (0.57.0-2) unstable; urgency=medium
 .
   * debian/copyright: Add missing copyright holders. Closes: #872298.
   * Upload to unstable.
 .
 poppler (0.57.0-1) experimental; urgency=medium
 .
   [ Pino Toscano ]
   * Update Vcs-* fields.
   * Add a lintian override for the "breaks-without-version xpdf-common" in
     poppler-utils, as it is making sure to clean up xpdf-common for upgrades
     to Buster.
 .
   [ Emilio Pozuelo Monfort ]
   * New upstream release. Closes: #860955.
   * Fixes:
     CVE-2017-9406: memory leak parsing XRef entries. Closes: #864010.
     CVE-2017-9408: memory leak in Object::initArray. Closes: #864009.
     CVE-2017-9775: stack buffer overflow in GfxState.cc. Closes: #865680.
     CVE-2017-9776: integer overflow leading to heap buffer overflow
     in JBIG2Stream.cc. Closes: #865679.
     CVE-2017-9865: stack buffer overflow in GfxImageColorMap::getGray.
     Closes: #867477.
     CVE-2017-7511: pdfunite denial of service due to null pointer
     dereference. Closes: #863759.
     CVE-2017-7515: crash in tools due to infinite recursion.
   * debian/patches/upstream_pdfseparate-remove-extra-in-error-message.patch:
     + Dropped, fixed upstream.
   * Update symbols files.
   * libpoppler64 -> libpoppler68.
   * Re-enable PIE. Looks like Qt5 got fixed.
   * Bump debhelper compat to 10.
     + debhelper now defaults to --with autoreconf.
     + It also defaults to --parallel.
   * Switch to -dbgsym packages.
   * Set the team as maintainer.
   * Add myself to uploaders.
Checksums-Sha1:
 60eadb217d92506dc82766ddaf85b4541bcfa44a 3494 poppler_0.57.0-2ubuntu1.dsc
 d9deabe57a5e2f880150d8b8d26aeb8f34e1af46 33344 poppler_0.57.0-2ubuntu1.debian.tar.xz
Checksums-Sha256:
 6bbd54197a8e3a70ce3fb1cc403703b8526ecc0004bcd1e94158f8bc99815841 3494 poppler_0.57.0-2ubuntu1.dsc
 3689f4d875e19691f7c31023585c2588750760d75f16d693a6b86c856a4ec08c 33344 poppler_0.57.0-2ubuntu1.debian.tar.xz
Files:
 90a793b2245ca26975eca31f1f56311e 3494 devel optional poppler_0.57.0-2ubuntu1.dsc
 bcecdecf182fcc424fc2117f4c19fad7 33344 devel optional poppler_0.57.0-2ubuntu1.debian.tar.xz
Original-Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJZrqvJAAoJEPNPCXROn13ZYQ4P/0QUBPdT+zpGGh+LuJQoGSku
G2QmIX+htuLKIQj3HTY9MD332YagydWSbN8cZ4Hfx5OLi+qm8Za/zBknQ/Us7Omb
dBDImantk0vmBkxcXOmTwJ5uDSi57H1L/xQvKhSw0OIvaMVt0/9jcuxBUh1Oc1OH
DhtIA7A2SUaHLVARrkxXVX7Ca4B82p3gJxibjmLrOw4Rfj42TfhSifC5pmeLVVLU
XuMk9TXZ64OrooIQmzdHMbROCmhSXFj0XxfX/3KT5dlUWvCrudSqA7+pzj8N/Q+l
mlhqvedHmlt0A8tu9e0CWOiPnpxye6f97U/Qkdi1zVR1p4QVFpKS6LrYOJF7AaMs
/vle89K8aqs9nJmn0R8nc8EhGpU5B/MJiwfqDDv0RN/GTDZb2Hxw3p2NQu/snWsZ
iif2QBH1kvUESwNN18eooNtZy2np9gN/Q/WR2l6rLGY2C4BynwEygOKrgZpJHpUu
0N8y+Xf80pPwMXyvZ+yrNION4V0uNxg/3mnrgSHFkbHEnYTQRtNMGaP1Gcqt4DJN
czKEB4AmUN9/db0qllhywigUlVOggGCzHeviK25xN9B8f+US4cN05XjkeuYDsDCO
bvoTNQxp/QQXt3ypLA9/4F4RjKpW93ZeTogJFhnKTiyCXowyohvg5Vp4l5riclwj
il2kzXZycjrwbFKXUoMj
=cDF3
-----END PGP SIGNATURE-----

More information about the Artful-changes mailing list