-
xpdf (3.04+git20240613-1) unstable; urgency=medium
* Import new upstream version 3.04+git20240613 (closes: #1074015)
-- Florian Schlichting <email address hidden> Sat, 22 Jun 2024 16:59:36 +0200
-
xpdf (3.04+git20240202-1) unstable; urgency=medium
* Import new upstream version 3.04+git20240202 (closes: #1063927)
* Build-depend on pkgconf instead of obsolete pkg-config
-- Florian Schlichting <email address hidden> Sat, 17 Feb 2024 15:34:19 +0100
-
xpdf (3.04+git20240124-1) unstable; urgency=medium
* Import new upstream version 3.04+git20240118 (closes: #1061423)
* Bump copyright years (2024)
-- Florian Schlichting <email address hidden> Wed, 24 Jan 2024 21:19:03 +0100
-
xpdf (3.04+git20240118-1) unstable; urgency=medium
* Import new upstream version 3.04+git20240118 (closes: #1059084)
-- Florian Schlichting <email address hidden> Tue, 23 Jan 2024 21:22:11 +0100
-
xpdf (3.04+git20231213-1) unstable; urgency=medium
* Import new upstream version 3.04+git20231213
(closes: #1058619, #743631, #353756)
* Update copyright years
* Declare compliance with Debian Policy 4.6.2
* Recommend fonts-urw-base35 instead of transitional gsfonts-x11
(closes: #1020353)
* Update .desktop categories and keywords (closes: #1036435)
-- Florian Schlichting <email address hidden> Mon, 18 Dec 2023 23:05:25 +0100
-
xpdf (3.04+git20220601-1) unstable; urgency=medium
* Import new upstream version 3.04+git20220601 (closes: #1012806)
* Update copyright years
* Declare compliance with Debian Policy 4.6.1
-- Florian Schlichting <email address hidden> Fri, 17 Jun 2022 22:37:02 +0800
-
xpdf (3.04+git20220201-1) unstable; urgency=medium
* Import new upstream version 3.04+git20220201
-- Florian Schlichting <email address hidden> Tue, 08 Feb 2022 22:04:11 +0800
-
xpdf (3.04+git20211021-1) unstable; urgency=medium
* Import new upstream version 3.04+git20211021
* drop unnecessary uupdate script from d/watch
-- Florian Schlichting <email address hidden> Thu, 21 Oct 2021 20:48:52 +0800
-
xpdf (3.04+git20211001-1) unstable; urgency=medium
[ Debian Janitor ]
* Use secure URI in Homepage field.
[ Florian Schlichting ]
* d/copyright: use secure URI in Source field
* Import new upstream version 3.04+git20211001
+ use render tables to select Xft Unicode fonts for (closes: #683399)
+ enable Motif locale support, convert search strings from the locale's
encoding (closes: #946270)
+ use unicode when displaying the table of contents (closes: #668945)
+ add a findPrev command and keybinding (closes: #989369)
* Add a Bug-Submit address to upstream metadata
* Add a watch file looking at upstream's git HEAD
* Declare compliance with Debian Policy 4.6.0
-- Florian Schlichting <email address hidden> Thu, 14 Oct 2021 23:54:24 +0800
-
xpdf (3.04+git20210103-3) unstable; urgency=medium
* Fix automatic injection of hardening buildflags
-- Florian Schlichting <email address hidden> Thu, 04 Mar 2021 22:41:56 +0800
-
xpdf (3.04+git20210103-2) unstable; urgency=medium
* Fix printing when no psLevel is defined in xpdfrc (closes: #983880)
-- Florian Schlichting <email address hidden> Thu, 04 Mar 2021 14:20:04 +0800
-
xpdf (3.04+git20210103-1) unstable; urgency=medium
* Import new upstream version 3.04+git20210103
+ switch to xpopple as new upstream (closes: #977182)
+ fix obvious memory leaks (closes: #945188, #942086)
+ no longer crash on empty documents (closes: #968354)
+ properly ask for passwords (closes: #606885)
+ correctly recognize working and document obsolete config file commands
(closes: #971805, #863382)
* Drop patches, all applied in (or obsoleted by) xpopple upstream
* Bump dh compat to level 13
* Greatly simplify d/rules (but keep linking to libpaper)
* Keep installing our xpdf wrapper script
* Ensure wrapper script correctly handles all xpdf options
* Add wrapper script options back to xpdf manpage
* Drop obsolete language support files and infrastructure
* Mention new upstream in relevant places, drop d/watch
* Adopt xpdf (closes: #848631)
* Ship TODO in docs
* Add Rules-Requires-Root: no
* Declare compliance with Debian Policy 4.5.1
-- Florian Schlichting <email address hidden> Thu, 28 Jan 2021 15:58:32 +0800
-
xpdf (3.04-14) unstable; urgency=medium
* QA upload
* Add patches from xpopple for compatibility with poppler 20.09.0 (closes: #955552)
* Fix memory leaks, patch from Bernhard Übelacker (closes: #945188)
* Fix tempfile warning, thanks Vincent Lefevre (closes: #961597)
* Support more MIME types in xpdf.desktop (closes: #901541)
* Fix typo in manpage (closes: #973573)
-- Florian Schlichting <email address hidden> Fri, 11 Dec 2020 00:43:16 +0800
-
xpdf (3.04-13) unstable; urgency=medium
* Upload to unstable, now poppler 0.71
transition has started
-- Gianfranco Costamagna <email address hidden> Tue, 08 Jan 2019 09:06:35 +0100
-
xpdf (3.04-12) unstable; urgency=medium
* QA upload
* Adds a dependency to sensible-utils.
-- GOTO Masanori <email address hidden> Mon, 17 Dec 2018 21:55:46 +0900
-
xpdf (3.04-11) unstable; urgency=medium
* QA upload
* Revert to 3.04-9 version because unstable has old
poppler
-- Gianfranco Costamagna <email address hidden> Thu, 06 Dec 2018 15:13:34 +0100
-
xpdf (3.04-10) unstable; urgency=medium
[ Gianfranco Costamagna ]
* QA upload
* Bump std-version to 4.2.1, no changes required
[ Iain Lane ]
* debian/patches/poppler-0.71.patch: Update for poppler 0.71's latest lot of
deprecations / removals.
* debian/rules: deleteGooList(someList, someType) became
deleteGooList<someType>, someList - add some sed hax to transform the
former to the latter.
-- Gianfranco Costamagna <email address hidden> Wed, 05 Dec 2018 22:50:44 +0100
-
xpdf (3.04-9) unstable; urgency=medium
* QA upload
* Patch also for poppler-0.69 (Closes: #910869)
-- Gianfranco Costamagna <email address hidden> Mon, 22 Oct 2018 10:34:31 +0200
-
xpdf (3.04-7) unstable; urgency=medium
* QA upload.
* Move packaging to salsa.d.o
* Fix build with poppler-0.62 (thanks Matthias Klose)
-- Florian Schlichting <email address hidden> Mon, 05 Mar 2018 22:50:23 +0100
-
xpdf (3.04-6) unstable; urgency=medium
* QA upload.
* Add fix-757053.patch to zoom with keypad +/- too (closes: #757053)
* Add fix-868498.patch to add a search command usable through xpdf's remote
feature (closes: #868498)
* Initialize poppler GlobalParams with default paths (closes: #850163)
* support all commandline arguments in wrapper (closes: #736444)
* Add a few useful keybindings (closes: #783623, #389613, #358962)
* Some formatting improvements in the manual by Bjarni Ingi Gislason
(closes: 890842)
* Hacks to compile with poppler 0.61 by Adrian Bunk (closes: #883523)
* Declare compliance with Debian Policy 4.1.3
-- Florian Schlichting <email address hidden> Fri, 23 Feb 2018 12:42:58 +0100
-
xpdf (3.04-5) unstable; urgency=medium
* QA upload.
* Fix double utf8 encoded selections (closes: #737989)
* Drop zxpdf wrapper script, obsolete since jessie (closes: #782440)
* Update Homepage, Source and debian/watch to new URL (closes: #873954)
* Comment out xpdfrc language support file options not currently supported
(closes: #848671)
* Bring back libpaper, as Letter just isn't for everyone
* Improve error message when running xpdf on a directory (closes: #693569)
* Remove duplicate manpage entry for enableFreeType (closes: #793213)
* Add poppler-manpage.patch: annotate config file options not currently
supported (closes: #873953)
* Fix section name in xpdfrc.5
* Fix a manpage-has-errors-from-man lintian warning
* Fix a message typo in poppler-xpdfparams.patch
* Use -noawait variant of poppler trigger
* Use https form of the copyright-format URL
* Drop Conflicts/Replaces no longer needed after Jessie (see #707818)
* Declare compliance with Debian Policy 4.1.1
-- Florian Schlichting <email address hidden> Sat, 25 Nov 2017 01:15:13 +0100
-
xpdf (3.04-4) unstable; urgency=medium
* QA upload.
* Fix VCS fields, now in secure mode.
[ Iain Lane ]
* debian/xpdf.{svg,install}: Install a .svg icon created by Bryan Quigley,
so that xpdf appears in AppStream. (LP: #1557675)
-- Gianfranco Costamagna <email address hidden> Thu, 05 Jan 2017 11:15:33 +0100
-
xpdf (3.04-3) unstable; urgency=medium
* Set maintainer field Debian QA Group (see: #848631).
* Support cross building (closes: #843267).
- Thanks to Helmut Grohne.
* Fix argument handling in the wrapper script (closes: #793552).
- Thanks to Vincent Lefevre.
-- Michael Gilbert <email address hidden> Mon, 19 Dec 2016 02:48:12 +0000
-
xpdf (3.04-1) unstable; urgency=medium
* New upstream release.
* Standards version 3.9.7.
-- Michael Gilbert <email address hidden> Sun, 07 Feb 2016 17:37:07 +0000
-
xpdf (3.03-18) unstable; urgency=medium
* Support poppler 0.38 (closes: #807087).
-- Michael Gilbert <email address hidden> Sun, 03 Jan 2016 03:38:52 +0000
-
xpdf (3.03-17) unstable; urgency=medium
* Upload to unstable.
-- Michael Gilbert <email address hidden> Sun, 06 Apr 2014 03:10:29 +0000
-
xpdf (3.03-16) unstable; urgency=medium
* Make selections visible in reverse mode (closes: #692931).
-- Michael Gilbert <email address hidden> Thu, 23 Jan 2014 23:38:48 +0000
-
xpdf (3.03-11) unstable; urgency=low
* Bump standards to 3.9.4.
* Fix printing issue (closes: #622877).
* Add libxt-dev build dependency (closes: #707927).
* Support linking with --as-needed (closes: #671765).
* Switch to libmotif instead of lesstif (closes: #697098).
* Replace and conflict with xpdf-reader (closes: #707818).
-- Michael Gilbert <email address hidden> Fri, 31 May 2013 19:33:24 +0000
-
xpdf (3.03-10) unstable; urgency=low
* Build-depend on libpoppler-private-dev (closes: #660992).
* Update my email address.
-- Michael Gilbert <email address hidden> Mon, 11 Jun 2012 21:40:47 -0400
-
xpdf (3.03-9) unstable; urgency=low
* Let poppler find and select non-embedded font file locations. Thanks to
Vincent Lefevre for finding a solution to this problem (closes: #641873).
* Remove now ineffective font file configuration options from xpdfrc.
* Revert UTF8 title conversion change (closes: #659272).
* Revert lp as default print command. Use lpr (the privious default) and
recommend cups-bsd package (closes: #652606).
* Fix segfault issue in additional zoom options patch and enable it again.
Thanks to Jörg-Volker Peetz (closes: #654308).
* Support title refresh when starting from a non-compressed file
(lp: #932062).
* Use "Xpdf" instead of "xpdf" in documentation on Xresources
(closes: #631450).
* Check exit codes of system calls (fix -Wunused-result compiler warnings).
* Fix a pointer casting to a different size (fix -Wint-to-pointer-cast
compiler warning).
* Add -Wno-format-extra-args to build flags.
* Bump standards to 3.9.3.
-- Michael Gilbert <email address hidden> Fri, 24 Feb 2012 17:33:29 -0500
-
xpdf (3.03-8) unstable; urgency=low
* Fix uncompressed file handling (closes: #647223).
* Build-conflict with binutils-gold (closes: #648556).
* Bump to debhelper 9.
- simplify hardening build flag logic in debian/rules (closes: #652689).
* Convert UTF8 titles to ISO8859 when yudit is available (closes: #645903).
-- Michael Gilbert <email address hidden> Tue, 06 Dec 2011 15:11:46 -0500
-
xpdf (3.03-7) unstable; urgency=low
* Fix build-hardening to include +pie,+bindnow.
-- Michael Gilbert <email address hidden> Sat, 29 Oct 2011 17:16:18 -0400
-
xpdf (3.03-5) unstable; urgency=low
* Use exec to launch xpdf.real (closes: #640177).
* Use lp as default print command (closes: #614045).
* Really fix xpdfrc config file location (closes: #641941).
-- Michael Gilbert <email address hidden> Sat, 17 Sep 2011 04:18:00 -0400
-
xpdf (3.03-4) unstable; urgency=low
* Fix helvetica font entry in xpdfrc.
* Remove t1lib options from xpdfrc.
* Assign system xpdfrc file location in debian/rules (drop patch).
* Replace newly deprecated commands in various language support files
(closes: #640486,640162).
-- Michael Gilbert <email address hidden> Sat, 17 Sep 2011 00:35:39 -0400
-
xpdf (3.03-3) unstable; urgency=low
* Use better quoting in the xpdf wrapper script.
* Replace deprecated "displayFontT1" option in the default xpdfrc file with
its new replacement: "fontFile" (closes: #640967, #640486).
* Disable additional zoom features patch for now (closes: #427632):
- if anyone wants this to be re-enabled, the patch needs to be corrected so
that fullscreen continuous mode no longer crashes (see closed bug).
* Fix skipping first file passed to "-m" argument (closes: #640897).
* Add binutils-gold build conflict.
-- Michael Gilbert <email address hidden> Sun, 04 Sep 2011 14:50:57 -0400
-
xpdf (3.03-2) unstable; urgency=low
* Remove old breaks/replaces.
* Remove unsatisfiable versioned dependency on lesstif.
-- Michael Gilbert <email address hidden> Thu, 01 Sep 2011 23:33:38 -0400
-
xpdf (3.02-21) unstable; urgency=low
* Pass real file name when not compressed (closes: #636432).
* Handle backslashes in filenames with -m option (closes: #636403).
* Document quirks of -m (closes: #636449).
* Pass all arguments in -m option.
-- Michael Gilbert <email address hidden> Wed, 03 Aug 2011 22:55:26 -0400
-
xpdf (3.02-20) unstable; urgency=low
* Simplify wrapper logic.
* Set up tempfile trap before extracting compressed pdf files
(closes: #635850).
* Fix titling on compressed files (closes: #635881).
* Use newlines to separate file names "-m" option handling (closes: #635852).
-- Michael Gilbert <email address hidden> Sun, 31 Jul 2011 03:22:48 -0400
-
xpdf (3.02-19) unstable; urgency=high
* Fix insecure tempfile usage (closes: #635849). -- Michael Gilbert <email address hidden> Fri, 29 Jul 2011 14:02:05 -0400
-
xpdf (3.02-18) unstable; urgency=low
* Fix spelling error in control file (closes: #631407). * Pass "-upw" with its second argument in xpdf wrapper (closes: #632826). * Quote arguments to commands (closes: #633069). * Handle file names with single quotes (closes: #631250). * Handle no file name correctly again. * Fix title command handling (closes: #611522). -- Michael Gilbert <email address hidden> Thu, 28 Jul 2011 00:11:15 -0400
-
xpdf (3.02-17) unstable; urgency=medium
* add missing poppler dependency bump. -- Michael Gilbert <email address hidden> Sat, 09 Jul 2011 14:43:54 -0400
-
xpdf (3.02-15) unstable; urgency=low
* manpage updates: - document new xpdf usage (including new -m option). - remove references to zxpdf. - drop corrections to manpages for no-longer built binaries. - merge all manpage fixes into one patch. * launch xpdf from zxpdf deprecation script. * support unsuffixed pdf files (closes: #631109). * fix another filename whitespace issue (closes: #611522). * clean up debian/rules. * lengthen the package's long description. -- Michael Gilbert <email address hidden> Tue, 21 Jun 2011 20:01:49 -0400
-
xpdf (3.02-14) unstable; urgency=low
* Only use temp files when viewing compressed files (closes: #621774). * "-m" option no longer needs to be last. * Fix filenames with spaces issue in new xpdf wrapper script. * Fix trap signal names. * Use poppler's naming for mouse button 1 binding (closes: #627426). * Fix continuous mode crashiness (closes: #521381). * Bump standards version to 3.9.2. -- Michael Gilbert <email address hidden> Sat, 18 Jun 2011 16:51:09 -0400
-
xpdf (3.02-12) unstable; urgency=high
* zxpdf: don't erase original pdf file during clean up (closes: #598945). -- Michael Gilbert <email address hidden> Sun, 19 Dec 2010 18:42:47 -0500
-
xpdf (3.02-11) unstable; urgency=medium
* Apply arrow key bindings only in the fullscreen context
(closes: #595547, #595075).
* Also remove xpdf-reader dangling symlink (closes: #595076).
* Fix Vcs-Git field.
-- Michael Gilbert <email address hidden> Sun, 05 Sep 2010 17:57:28 -0400
-
xpdf (3.02-10) unstable; urgency=low
[Michael Gilbert]
* Make language file installation slightly more robust/automated.
* Bind arrow keys to next/prev page actions by default (closes: #200610).
* Use Breaks instead of Conflicts.
* No need to break or conflict xpdf-common since replaces is enough to
enable successful upgrades from lenny.
* Remove dangling symlink leftover by lenny xpdf package (closes: #589650).
* Bump standards version to 3.9.1 (no changes required).
* Recommend gsfonts-x11 package.
* Remove refrences to poppler-utils files in xpdfrc and clean it up a bit.
* Drop unneeded 'Provides'.
* Drop conflicts/breaks with packages that no longer exist in lenny.
* Version all 'Breaks'.
* Include references to origin of all poppler patches in headers.
* Include comment on debian-specific changes in use-system-xpdfrc.patch.
* Correct zxpdf symlink (closes: #593565).
[Osamu Aoki]
* Remove xpdf-common and clean up dependencies (closes: #589425).
* zxpdf: remove temp file on exit (closes: #280460).
* zxpdf: search compressed file names (closes: #501661).
* Fix typo in "xpdf --help" output.
* Explain zoom (+-) only after "0" (closes: #426502).
* Restore xpdf.desktop file (closes: #589542).
* Drop update-xpdfrc: no longer needed due to poppler transition
(closes: #437529).
[Rogério Brito]
* Update debian/copyright to reflect change of maintainership.
-- Osamu Aoki <email address hidden> Wed, 21 Jul 2010 23:16:50 +0900
-
xpdf (3.02-9) unstable; urgency=low
* Reactivate zoomFitHeight properly by merging it into fix-580495.patch.
* Set VCS-* and Uploaders fields.
-- Osamu Aoki <email address hidden> Sat, 17 Jul 2010 16:00:23 +0900
-
xpdf (3.02-2) unstable; urgency=high
[Michael Gilbert]
* Fix multiple security issues (closes: #551287, #575779).
- CVE-2009-1188: Integer overflow in the JBIG2 decoding feature in the
SplashBitmap::SplashBitmap function in SplashBitmap.cc.
- CVE-2009-3603: Additional integer overflows in the
SplashBitmap::SplashBitmap function.
- CVE-2009-3604: Null pointer dereference in the Splash::drawImage
function in Splash.cc.
- CVE-2009-3606: Integer overflow in the PSOutputDev::doImageL1Sep
function in PSOutputDev.cc.
- CVE-2009-3608: Integer overflow in the ObjectStream::ObjectStream
function in XRef.cc.
- CVE-2009-3609: Integer overflow in the ImageStream::ImageStream
function in Stream.cc.
* Bump standards version to 3.8.4 (no changes required).
* Use ${misc:Depends}.
* Adopt the package (closes: #535261, #527840).
[Rogério Brito]
* debian/copyright:
+ include versioned link to the GPL.
* debian/*
+ convert to source format "3.0 (quilt)".
* debian/{control,compat}:
+ bump compat to 5.
* debian/control:
+ remove dpatch build-dep and calls in debian/rules.
+ include Homepage field.
+ build-depend on unversioned automake.
+ build-depend on versioned lesstif.
+ wrap build-depends line to keep sanity.
+ change build-dependency on x-dev to x11proto-core-dev. (Closes: #515495).
+ remove debian revision from versioned build-deps.
+ update standards-version to 3.8.3, with no extra changes required.
* debian/rules:
+ remove commented lines.
+ fix the includes for lesstif. (See below).
+ remove deprecated dh_desktop helper.
+ don't ignore errors when calling "make -i distclean".
+ separate configuration from package compilation to keep things tidy.
+ don't remove recursively things that are only files.
* debian/patches:
+ rename 00list to series.
+ disable patches 40 and 41, lesstif is fixed. (Closes: #458763, #528807).
+ refresh enabled patches to avoid potential problems with buildds.
+ escape minus signs from manpages.
+ fix path to configuration files. Tks Andrew Price. (Closes: #424747).
+ flexibilize the print dialog. Tks Dmitry Oboukhov. (Closes: #408502).
+ implement "Fit to Height". Tks Josh Triplett. (Closes: #424178).
* debian/xpdf-common.postint:
+ don't use command with path in maintainer script.
* debian/watch:
+ create watch file.
* debian/xpdf.desktop:
+ remove obsolete indication of encoding.
+ remove custom category "PDFViewer".
* debian/xpdf-reader.menu:
+ update obsolete section Apps -> Applications.
* debian/xpdf-reader.dirs:
+ remove empty dir usr/lib/menu. Tks Nelson Oliveira. (Closes: #495150).
* avoid conflict with poppler-utils. Tks Luca Capello. (Closes: #558020).
-- Michael Gilbert <email address hidden> Fri, 02 Apr 2010 17:40:49 -0400
-
xpdf (3.02-1.4+lenny1) stable-security; urgency=high
* Non-maintainer upload.
* This update fixes various security issues (Closes: #524809):
- CVE-2009-0146: Multiple buffer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2SymbolDict::setBitmap and (2)
JBIG2Stream::readSymbolDictSeg.
- CVE-2009-0147: Multiple integer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2Stream::readSymbolDictSeg, (2)
JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
- CVE-2009-0165: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to "g*allocn."
- CVE-2009-0166: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, and other products allows remote attackers to cause a denial
of service (crash) via a crafted PDF file that triggers a free of
uninitialized memory.
- CVE-2009-0799: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
that triggers an out-of-bounds read.
- CVE-2009-0800: Multiple "input validation flaws" in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6,
and other products allow remote attackers to execute arbitrary code via
a crafted PDF file.
- CVE-2009-1179: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products
allows remote attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1180: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to execute arbitrary code via a crafted PDF file that triggers
a free of invalid data.
- CVE-2009-1181: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file that
triggers a NULL pointer dereference.
- CVE-2009-1182: Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and
other products allow remote attackers to execute arbitrary code via a
crafted PDF file.
- CVE-2009-1183: The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS
1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (infinite loop and hang) via a
crafted PDF file.
-- Giuseppe Iuculano <email address hidden> Sat, 02 May 2009 10:05:02 +0200
-
xpdf (3.02-1.4) unstable; urgency=low
* Non-maintainer upload.
* apply patch from Jiri Palecek
against a segfault in image handling (Closes: 462544)
* apply patch from Arno Renevier against a segfault when pressing Ctrl-W
in full-screen mode (Closes: 437725)
* apply patch from Stefan Beyer against a segfault when pressing 'g'
in full-screen mode (Closes: 479467)
* fix ps encoding error on 64-bit architectures (Closes: 444648, 482029)
-- Bernhard R. Link <email address hidden> Sun, 07 Sep 2008 14:56:17 +0200
