Accepted poppler 0.4.3-1ubuntu1 (source)

Martin Pitt martin.pitt at ubuntu.com
Thu Jan 5 13:05:02 GMT 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  5 Jan 2006 13:44:58 +0100
Source: poppler
Binary: libpoppler-glib-dev poppler-utils libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source
Version: 0.4.3-1ubuntu1
Distribution: dapper
Urgency: low
Maintainer: Ondřej Surý <ondrej at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
 libpoppler0c2 - PDF rendering library
 libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
 libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
 poppler-utils - PDF utilitites (based on libpoppler)
Changes: 
 poppler (0.4.3-1ubuntu1) dapper; urgency=low
 .
   * SECURITY UPDATE: Multiple integer/buffer overflows.
   * Add debian/patches/003-CVE-2005-3624_5_7.patch:
     - poppler/Stream.cc, CCITTFaxStream::CCITTFaxStream():
       + Check columns for negative or large values.
       + CVE-2005-3624
     - poppler/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
       + Reset numComps to 0 since it's a global variable that is used later.
       + CVE-2005-3627
     - poppler/Stream.cc, DCTStream::readHuffmanTables():
       + Fix out of bounds array access in Huffman tables.
       + CVE-2005-3627
     - poppler/Stream.cc, DCTStream::readMarker():
       + Check for EOF in while loop to prevent endless loops.
       + CVE-2005-3625
     - poppler/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(),
       JBIG2Bitmap::expand(), JBIG2Stream::readHalftoneRegionSeg():
       + Check user supplied width and height against invalid values.
       + Allocate one extra byte to prevent out of bounds access in combine().
   * Add debian/patches/004-fix-CVE-2005-3192.patch:
     - Fix nVals int overflow check in StreamPredictor::StreamPredictor().
     - Forwarded upstream to https://bugs.freedesktop.org/show_bug.cgi?id=5514.
Files: 
 9132ba40e9d8673acdc904ac3dd422fa 1744 devel optional poppler_0.4.3-1ubuntu1.dsc
 d4e606f475458230fe941cacb6a851e3 124492 devel optional poppler_0.4.3-1ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDvRWODecnbV4Fd/IRAoExAKClTzMWO7BKA+ODf71WCNF2UJCKVwCgqEyc
gZcux2kj/5Dq20fHnUO7Lvc=
=+L4t
-----END PGP SIGNATURE-----


Accepted:
poppler_0.4.3-1ubuntu1.diff.gz
  to pool/main/p/poppler/poppler_0.4.3-1ubuntu1.diff.gz
poppler_0.4.3-1ubuntu1.dsc
  to pool/main/p/poppler/poppler_0.4.3-1ubuntu1.dsc

More information about the dapper-changes mailing list