[ubuntu/bionic-proposed] poppler 0.62.0-1ubuntu1 (Accepted)

Thu Jan 25 02:28:18 UTC 2018

poppler (0.62.0-1ubuntu1) bionic; urgency=medium

  * Merge with Debian; remaining changes:
    - d/p/proper-init.patch: Fix thumbnailer crash
    - d/rules: Use --enable-libopenjpeg=unmaintained, it's in universe
    - debian/patches/CVE-2017-2820.patch: check for overflow in
      poppler/JPXStream.cc.
    - debian/patches/CVE-2017-9083.patch: check nComps in
      poppler/JPXStream.cc.

poppler (0.62.0-1) experimental; urgency=medium

  * New upstream release.
  * Drop libpoppler-qt4 library, removed upstream. Closes: #875096.
  * libpoppler72 -> libpoppler73.
  * control: Bump Standards-Version to 4.1.2.

poppler (0.61.1-2) unstable; urgency=medium

  * debian/patches/qt-visibility.diff: forward upstream.
  * Upload to unstable.

poppler (0.61.1-1) experimental; urgency=medium

  * New upstream release.
  * CVE-2017-14517: null pointer dereference on broken files. Closes: #876079.
  * CVE-2017-14518: division by 0 on broken files. Closes: #876082.
  * CVE-2017-14519: infinite recursion on broken files. Closes: #876086.
  * CVE-2017-14520: floating point exception on broken files. Closes: #876081.
  * CVE-2017-14617: floating point exception on broken files. Closes: #876385.
  * CVE-2017-14926: null pointer dereference on broken files. Closes: #877239.
  * CVE-2017-14927: null pointer dereference on broken files. Closes: #877237.
  * CVE-2017-14928: null pointer dereference on broken files. Closes: #877231.
  * CVE-2017-14929: infinite recursion on broken files. Closes: #877222.
  * CVE-2017-14975: null pointer dereference on broken files. Closes: #877957.
  * CVE-2017-14976: heap-based buffer over-read. Closes: #877954.
  * CVE-2017-14977: null pointer dereference on broken files. Closes: #877952.
  * CVE-2017-15565: null pointer dereference on broken files. Closes: #879066.
  * Switch to cmake; the autotools build system is gone.
  * rules: set libdir to the multiarch dir.
  * Don't install static libs, they are not built with cmake.
  * rules: Build with -g to get useful debugging symbols.
  * control: Bump Standards-Version to 4.1.1.
  * control: Drop Testsuite header, no longer needed.
  * libpoppler70 -> libpoppler72.
  * qt-visibility.diff: Port to cmake, but disable for now. Some Qt tests
    use some of the private symbols and they are built now with the cmake
    build system, which causes the build to fail. This makes the Qt
    libraries export way more symbols, but they are not exported in the
    headers, so this is fine for now.

poppler (0.59.0-1) experimental; urgency=medium

  * New upstream release.
  * libpoppler68 -> libpoppler70.
  * Update symbols.
  * control: Downgrade libpoppler-glib-doc dependency on other -doc packages
    to a recommends.
  * control: Remove ancient breaks/replaces.
  * control: Bump Standards-Version to 4.1.0.
  * copyright: Update copyright holders.
  * rules: Switch to dh_missing as dh_install --list-missing is now deprecated.
  * rules: Qt 3 is long gone, no need to try to use qt4's moc over it.
  * rules: Drop V=1, no longer needed.

Date: Thu, 25 Jan 2018 03:12:39 +0100
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/poppler/0.62.0-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 25 Jan 2018 03:12:39 +0100
Source: poppler
Binary: libpoppler73 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils
Architecture: source
Version: 0.62.0-1ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0v5 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
 libpoppler73 - PDF rendering library
 poppler-utils - PDF utilities (based on Poppler)
Closes: 875096 876079 876081 876082 876086 876385 877222 877231 877237 877239 877952 877954 877957 879066
Changes:
 poppler (0.62.0-1ubuntu1) bionic; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - d/p/proper-init.patch: Fix thumbnailer crash
     - d/rules: Use --enable-libopenjpeg=unmaintained, it's in universe
     - debian/patches/CVE-2017-2820.patch: check for overflow in
       poppler/JPXStream.cc.
     - debian/patches/CVE-2017-9083.patch: check nComps in
       poppler/JPXStream.cc.
 .
 poppler (0.62.0-1) experimental; urgency=medium
 .
   * New upstream release.
   * Drop libpoppler-qt4 library, removed upstream. Closes: #875096.
   * libpoppler72 -> libpoppler73.
   * control: Bump Standards-Version to 4.1.2.
 .
 poppler (0.61.1-2) unstable; urgency=medium
 .
   * debian/patches/qt-visibility.diff: forward upstream.
   * Upload to unstable.
 .
 poppler (0.61.1-1) experimental; urgency=medium
 .
   * New upstream release.
   * CVE-2017-14517: null pointer dereference on broken files. Closes: #876079.
   * CVE-2017-14518: division by 0 on broken files. Closes: #876082.
   * CVE-2017-14519: infinite recursion on broken files. Closes: #876086.
   * CVE-2017-14520: floating point exception on broken files. Closes: #876081.
   * CVE-2017-14617: floating point exception on broken files. Closes: #876385.
   * CVE-2017-14926: null pointer dereference on broken files. Closes: #877239.
   * CVE-2017-14927: null pointer dereference on broken files. Closes: #877237.
   * CVE-2017-14928: null pointer dereference on broken files. Closes: #877231.
   * CVE-2017-14929: infinite recursion on broken files. Closes: #877222.
   * CVE-2017-14975: null pointer dereference on broken files. Closes: #877957.
   * CVE-2017-14976: heap-based buffer over-read. Closes: #877954.
   * CVE-2017-14977: null pointer dereference on broken files. Closes: #877952.
   * CVE-2017-15565: null pointer dereference on broken files. Closes: #879066.
   * Switch to cmake; the autotools build system is gone.
   * rules: set libdir to the multiarch dir.
   * Don't install static libs, they are not built with cmake.
   * rules: Build with -g to get useful debugging symbols.
   * control: Bump Standards-Version to 4.1.1.
   * control: Drop Testsuite header, no longer needed.
   * libpoppler70 -> libpoppler72.
   * qt-visibility.diff: Port to cmake, but disable for now. Some Qt tests
     use some of the private symbols and they are built now with the cmake
     build system, which causes the build to fail. This makes the Qt
     libraries export way more symbols, but they are not exported in the
     headers, so this is fine for now.
 .
 poppler (0.59.0-1) experimental; urgency=medium
 .
   * New upstream release.
   * libpoppler68 -> libpoppler70.
   * Update symbols.
   * control: Downgrade libpoppler-glib-doc dependency on other -doc packages
     to a recommends.
   * control: Remove ancient breaks/replaces.
   * control: Bump Standards-Version to 4.1.0.
   * copyright: Update copyright holders.
   * rules: Switch to dh_missing as dh_install --list-missing is now deprecated.
   * rules: Qt 3 is long gone, no need to try to use qt4's moc over it.
   * rules: Drop V=1, no longer needed.
Checksums-Sha1:
 bf47bcde6b2728099638a2cab32dfa5412128909 3402 poppler_0.62.0-1ubuntu1.dsc
 45f5186f9c514d121acd8c4aeae0e0137916a5f4 1423372 poppler_0.62.0.orig.tar.xz
 b37f32fd59fd074a3e81ba1e27b362868a2aff07 33060 poppler_0.62.0-1ubuntu1.debian.tar.xz
 1262a09c98649a150e13e7b3caee64aa58f948ed 15541 poppler_0.62.0-1ubuntu1_source.buildinfo
Checksums-Sha256:
 1bb5558b260eeea85aeef9ad5fc619a12da5a45fabd3450e4136bd7e6f0b1f79 3402 poppler_0.62.0-1ubuntu1.dsc
 5b9a73dfd4d6f61d165ada1e4f0abd2d420494bf9d0b1c15d0db3f7b83a729c6 1423372 poppler_0.62.0.orig.tar.xz
 3dcf490457ea6c2c850248798fbf3b944816020ce5a69f4a565903f49bc34ac8 33060 poppler_0.62.0-1ubuntu1.debian.tar.xz
 6e58adb074ad934045379a7d605b10fbbb72cb1393f78e463be46c3c431f02b3 15541 poppler_0.62.0-1ubuntu1_source.buildinfo
Files:
 4b7ecf2690c7817055d7f04b892e155d 3402 devel optional poppler_0.62.0-1ubuntu1.dsc
 42b801f2defaccb6b6cf1bf783ee1552 1423372 devel optional poppler_0.62.0.orig.tar.xz
 c0ef953552bdd64cb82aae4bf0c719a0 33060 devel optional poppler_0.62.0-1ubuntu1.debian.tar.xz
 9b362b1bb0b178597f3227b6a7eadf37 15541 devel optional poppler_0.62.0-1ubuntu1_source.buildinfo
Original-Maintainer: Debian freedesktop.org maintainers <pkg-freedesktop-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAlppP9oQHGRva29AdWJ1
bnR1LmNvbQAKCRC9fqpgd4+m9SneEACw+VFbPr7hYcT7+YiiKFjP1087lDkBbn2n
sJwj7uOHx/9dpzr1IvRNicAnUp4BR0/7eqiqAf9SdI2P4CB6bRzPyG9gnS7hcWk5
5WeDS4KU5Iy0g1Hw7mA5H8liO+T/t7JX0yRyns3Y3eRFo7d3Uzll9ZV1GhE2G/pk
xLEycga2UZUlKm3VLfmW41A0dM8jRHxr7xkrsnYKXOWd2MMDkLeVCu3o3n2Ce/7A
PWYSRj/8ZzdO2TwDp/kcFxr4Kwhq3+sGmozuw0OjIBxL21H+m8Vp6p+hrA/NqJgx
DeHrKbJeWwkunSP6s2w3k5U65tk5ixa36pMrYG9WYgSwEKyuQchtyaKq3vDNX3wY
DfzMhuB5eIATIP55LMWxK7XaVyR42kHNlErjPDa6HZnlDxZwDQlU9PQl/epi0wHj
ymfACyG1RebEO9H3b/sOr8IkzbFOj2eeOjzLPb5Wjab5JB8x11cvn4qQtRj2qNiC
Rbeyf15TpO1AuM+0fvGhr2lK+X9YfBdqyM/DjRY7RLshwp9xdzYZZHMuUik+5vYq
KYL0UVWFsq/4+rrYHpeSHjRCyi7cm73GCM4uTm5l6C3yujiXEYtrwDJDp8XOJ5sd
momEhKqJDck+IsBik4lDKJ/ke6fljlR1TRtJJawSi10lnaZtN523dZnu9qcXbwJT
YuBDtokv/Q==
=+ggR
-----END PGP SIGNATURE-----