Accepted poppler 0.4.3-1 (source)

Sebastien Bacher seb128 at ubuntu.com
Wed Jan 4 23:45:47 GMT 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Wed,  04 Jan 2006 23:43:30 +0000
Source: poppler
Binary: poppler-utils, libpoppler-glib-dev, libpoppler-qt-dev, libpoppler-dev, libpoppler0c2-glib, libpoppler0c2-qt, libpoppler0c2
Architecture: source
Version: 0.4.3-1
Distribution: dapper
Urgency: high
Maintainer: Ondřej Surý <ondrej at debian.org>
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Closes: 314556 322964 328211 330544 342288 342288 344738
Changes: 
 poppler (0.4.3-1) unstable; urgency=high
 .
   * New upstream release.
   * New maintainer (Closes: #344738)
   * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
   * Fixed some rendering bugs and disabled Cairo output
     (Closes: #314556, #322964, #328211)
   * Acknowledge NMU (Closes: #342288)
   * Add 001-selection-crash-bug.patch (Closes: #330544)
   * Add poppler-utils (merge patch from Ubuntu)
 .
 poppler (0.4.2-1.1) unstable; urgency=high
 .
   * SECURITY UPDATE: Multiple integer/buffer overflows.
 .
   * NMU to fix RC security bug (closes: #342288)
   * Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
     thanks to Martin Pitt:
   * poppler/Stream.cc, DCTStream::readBaselineSOF(),
     DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
     - Check numComps for invalid values.
     - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
     - CVE-2005-3191
   * poppler/Stream.cc, StreamPredictor::StreamPredictor():
     - Check rowBytes for invalid values.
     - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
     - CVE-2005-3192
    * poppler/JPXStream.cc, JPXStream::readCodestream():
      - Check img.nXTiles * img.nYTiles for integer overflow.
      - http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
      - CVE-2005-3193
Files: 
 791dc78d8366eb05580183fe85174555 779582 devel optional poppler_0.4.3.orig.tar.gz
 f32ec16c14fe8f3ab603da417e4f768e 122483 devel optional poppler_0.4.3-1.diff.gz
 2c34a504743936d600d2edcc712bcde8 1730 devel optional poppler_0.4.3-1.dsc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iQEVAwUBQ7xdogF4adwMEr3XAQJ95wgArhC17RAQOSeRHfPTZEFcsQFdz3wkY6s+
9wgUzAuk/bWnPNfowx0W2lPHjFn+8f1AXwYqzEgV1xzZIftUwFrVQDhhtjIbq9PI
jB8heLApdItm9FEIPC1VzRpM4OnR3pDgE2vIHSoz/+54L4zN6udr2EjYwYzVRdOs
vubCMvqqHJjzqqVIDpo04NYyNOqTKWw8i1tS3m6Zqs8cWwvqE8Txi/GfIYspdkgQ
dsu5mAEcOfYtEmXocgXewNQ8jDkJq69phhMVSdf1j1NY0LhAaps0Tr+bNVoXCK/l
uCQBvV3Fq25G+oSF9mvGh6a0YX3tH6k/z+LzTfP5WqqWLK/ABfvW7w==
=AtqP
-----END PGP SIGNATURE-----


Accepted:
poppler_0.4.3-1.diff.gz
  to pool/main/p/poppler/poppler_0.4.3-1.diff.gz
poppler_0.4.3-1.dsc
  to pool/main/p/poppler/poppler_0.4.3-1.dsc
poppler_0.4.3.orig.tar.gz
  to pool/main/p/poppler/poppler_0.4.3.orig.tar.gz

More information about the dapper-changes mailing list