Accepted poppler 0.4.3-1 (source)
Sebastien Bacher
seb128 at ubuntu.com
Wed Jan 4 23:45:47 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Origin: Debian/unstable
Format: 1.7
Date: Wed, 04 Jan 2006 23:43:30 +0000
Source: poppler
Binary: poppler-utils, libpoppler-glib-dev, libpoppler-qt-dev, libpoppler-dev, libpoppler0c2-glib, libpoppler0c2-qt, libpoppler0c2
Architecture: source
Version: 0.4.3-1
Distribution: dapper
Urgency: high
Maintainer: OndÅej Surý <ondrej at debian.org>
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Closes: 314556 322964 328211 330544 342288 342288 344738
Changes:
poppler (0.4.3-1) unstable; urgency=high
.
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
* Fixed some rendering bugs and disabled Cairo output
(Closes: #314556, #322964, #328211)
* Acknowledge NMU (Closes: #342288)
* Add 001-selection-crash-bug.patch (Closes: #330544)
* Add poppler-utils (merge patch from Ubuntu)
.
poppler (0.4.2-1.1) unstable; urgency=high
.
* SECURITY UPDATE: Multiple integer/buffer overflows.
.
* NMU to fix RC security bug (closes: #342288)
* Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
thanks to Martin Pitt:
* poppler/Stream.cc, DCTStream::readBaselineSOF(),
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* poppler/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* poppler/JPXStream.cc, JPXStream::readCodestream():
- Check img.nXTiles * img.nYTiles for integer overflow.
- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
- CVE-2005-3193
Files:
791dc78d8366eb05580183fe85174555 779582 devel optional poppler_0.4.3.orig.tar.gz
f32ec16c14fe8f3ab603da417e4f768e 122483 devel optional poppler_0.4.3-1.diff.gz
2c34a504743936d600d2edcc712bcde8 1730 devel optional poppler_0.4.3-1.dsc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iQEVAwUBQ7xdogF4adwMEr3XAQJ95wgArhC17RAQOSeRHfPTZEFcsQFdz3wkY6s+
9wgUzAuk/bWnPNfowx0W2lPHjFn+8f1AXwYqzEgV1xzZIftUwFrVQDhhtjIbq9PI
jB8heLApdItm9FEIPC1VzRpM4OnR3pDgE2vIHSoz/+54L4zN6udr2EjYwYzVRdOs
vubCMvqqHJjzqqVIDpo04NYyNOqTKWw8i1tS3m6Zqs8cWwvqE8Txi/GfIYspdkgQ
dsu5mAEcOfYtEmXocgXewNQ8jDkJq69phhMVSdf1j1NY0LhAaps0Tr+bNVoXCK/l
uCQBvV3Fq25G+oSF9mvGh6a0YX3tH6k/z+LzTfP5WqqWLK/ABfvW7w==
=AtqP
-----END PGP SIGNATURE-----
Accepted:
poppler_0.4.3-1.diff.gz
to pool/main/p/poppler/poppler_0.4.3-1.diff.gz
poppler_0.4.3-1.dsc
to pool/main/p/poppler/poppler_0.4.3-1.dsc
poppler_0.4.3.orig.tar.gz
to pool/main/p/poppler/poppler_0.4.3.orig.tar.gz
More information about the dapper-changes
mailing list