Accepted poppler 0.4.2-1ubuntu2 (source)

Martin Pitt martin.pitt at ubuntu.com
Thu Dec 8 12:20:07 GMT 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  8 Dec 2005 13:10:21 +0100
Source: poppler
Binary: libpoppler-glib-dev poppler-utils libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source
Version: 0.4.2-1ubuntu2
Distribution: dapper
Urgency: low
Maintainer: Changwoo Ryu <cwryu at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
 libpoppler0c2 - PDF rendering library
 libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
 libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
 poppler-utils - PDF utilitites (based on libpoppler)
Changes: 
 poppler (0.4.2-1ubuntu2) dapper; urgency=low
 .
   * SECURITY UPDATE: Multiple integer/buffer overflows.
   * Add debian/patches/04_CVE-2005-3191_2_3.patch:
   * poppler/Stream.cc, DCTStream::readBaselineSOF():
     - Check numComps for invalid values.
     - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
     - CVE-2005-3191
   * poppler/Stream.cc, DCTStream::DCTStream::readProgressiveSOF():
     - Check numComps for invalid values.
     - http://www.idefense.com/application/poi/display?id=343&type=vulnerabilities
     - CVE-2005-3191
   * poppler/Stream.cc, StreamPredictor::StreamPredictor():
     - Check rowBytes for invalid values.
     - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
     - CVE-2005-3192
    * poppler/JPXStream.cc, JPXStream::readCodestream():
      - Check img.nXTiles * img.nYTiles for integer overflow.
      - http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
      - CVE-2005-3193
Files: 
 7715d9f0ed358b95f49edfd7b568cfd4 1762 devel optional poppler_0.4.2-1ubuntu2.dsc
 79c4f67f702bc10c0cf78ed5699423af 105904 devel optional poppler_0.4.2-1ubuntu2.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDmCLJDecnbV4Fd/IRAr9OAJ4vHeq6RUPsUy5KJ6O4c8PjQhnEHgCg2SN8
6IHjEMgzXoVQU2xbzUCK1RA=
=ydor
-----END PGP SIGNATURE-----


Accepted:
poppler_0.4.2-1ubuntu2.diff.gz
  to pool/main/p/poppler/poppler_0.4.2-1ubuntu2.diff.gz
poppler_0.4.2-1ubuntu2.dsc
  to pool/main/p/poppler/poppler_0.4.2-1ubuntu2.dsc

More information about the dapper-changes mailing list