Accepted poppler 0.4.2-1ubuntu2 (source)
Martin Pitt
martin.pitt at ubuntu.com
Thu Dec 8 12:20:07 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 8 Dec 2005 13:10:21 +0100
Source: poppler
Binary: libpoppler-glib-dev poppler-utils libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source
Version: 0.4.2-1ubuntu2
Distribution: dapper
Urgency: low
Maintainer: Changwoo Ryu <cwryu at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
libpoppler0c2 - PDF rendering library
libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
poppler-utils - PDF utilitites (based on libpoppler)
Changes:
poppler (0.4.2-1ubuntu2) dapper; urgency=low
.
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Add debian/patches/04_CVE-2005-3191_2_3.patch:
* poppler/Stream.cc, DCTStream::readBaselineSOF():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* poppler/Stream.cc, DCTStream::DCTStream::readProgressiveSOF():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
- CVE-2005-3191
* poppler/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* poppler/JPXStream.cc, JPXStream::readCodestream():
- Check img.nXTiles * img.nYTiles for integer overflow.
- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
- CVE-2005-3193
Files:
7715d9f0ed358b95f49edfd7b568cfd4 1762 devel optional poppler_0.4.2-1ubuntu2.dsc
79c4f67f702bc10c0cf78ed5699423af 105904 devel optional poppler_0.4.2-1ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDmCLJDecnbV4Fd/IRAr9OAJ4vHeq6RUPsUy5KJ6O4c8PjQhnEHgCg2SN8
6IHjEMgzXoVQU2xbzUCK1RA=
=ydor
-----END PGP SIGNATURE-----
Accepted:
poppler_0.4.2-1ubuntu2.diff.gz
to pool/main/p/poppler/poppler_0.4.2-1ubuntu2.diff.gz
poppler_0.4.2-1ubuntu2.dsc
to pool/main/p/poppler/poppler_0.4.2-1ubuntu2.dsc
More information about the dapper-changes
mailing list