Ubuntu
poppler package

Change log for poppler package in Ubuntu

175 of 375 results FirstPreviousLast
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
poppler (24.02.0-1ubuntu9) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 06:48:42 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
poppler (24.02.0-1ubuntu8) noble; urgency=medium

  * Rename libraries for 64-bit time_t transition.  Closes: #1064282
    (import changes from 22.12.0-2.1 and 22.12.0-2.2)

 -- Benjamin Drung <email address hidden>  Wed, 20 Mar 2024 13:51:25 +0100
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu7) noble; urgency=medium

  * No-change rebuild against libcurl3t64-gnutls

 -- Steve Langasek <email address hidden>  Sat, 16 Mar 2024 07:15:29 +0000
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu6) noble; urgency=medium

  * No-change rebuild against libqt5core5t64

 -- Steve Langasek <email address hidden>  Fri, 15 Mar 2024 06:31:06 +0000
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu5) noble; urgency=medium

  * No-change rebuild for archive consistency

 -- Steve Langasek <email address hidden>  Tue, 12 Mar 2024 23:20:47 +0000
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu4) noble; urgency=medium

  * No-change rebuild against libglib2.0-0t64

 -- Steve Langasek <email address hidden>  Mon, 11 Mar 2024 23:30:00 +0000
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu3) noble; urgency=medium

  * No-change rebuild against libpng16-16t64

 -- Steve Langasek <email address hidden>  Thu, 29 Feb 2024 07:51:49 +0000
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
poppler (24.02.0-1ubuntu2) noble; urgency=medium

  * Don't run qt6 autopkgtest on i386

 -- Jeremy Bícha <email address hidden>  Sun, 18 Feb 2024 19:36:59 -0500
Superseded in noble-proposed 
poppler (24.02.0-1ubuntu1) noble; urgency=medium

  * Merge with Debian. Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
poppler (23.12.0-1ubuntu2) noble; urgency=medium

  * Fix i386 build with new poppler

 -- Jeremy Bícha <email address hidden>  Sun, 03 Dec 2023 20:04:08 -0500
Superseded in noble-proposed 
poppler (23.12.0-1ubuntu1) noble; urgency=medium

  * Merge with Debian. Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there
Superseded in noble-proposed 
poppler (23.12.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler133 to match soname
  * Add new symbols to symbols files
  * Build-Depend on libcurl4-gnutls-dev

 -- Jeremy Bícha <email address hidden>  Fri, 01 Dec 2023 10:08:39 -0500
Published in focal-updates
Published in focal-security 
poppler (0.86.1-0ubuntu1.4) focal-security; urgency=medium

  * SECURITY UPDATE: stack overflow issue
    - debian/patches/CVE-2020-23804.patch: Fix stack overflow with
      specially crafted files
    - CVE-2020-23804
  * SECURITY UPDATE: denial of service issue
    - debian/patches/CVE-2022-37050.patch: pdfseparate: Check XRef's
      Catalog for being a Dict
    - debian/patches/CVE-2022-37051.patch: Check isDict before calling
      getDict
    - debian/patches/CVE-2022-37052.patch: pdfseparate: Account for
      XRef::add failing because we run out of memory
    - debian/patches/CVE-2022-38349.patch: pdfunite: Fix crash on broken
      files
    - CVE-2022-37050
    - CVE-2022-37051
    - CVE-2022-37052
    - CVE-2022-38349

 -- Nishit Majithia <email address hidden>  Wed, 22 Nov 2023 11:20:52 +0530
Published in jammy-updates
Published in jammy-security 
poppler (22.02.0-2ubuntu0.3) jammy-security; urgency=medium

  * SECURITY UPDATE: denial of service issue
    - debian/patches/CVE-2022-37050.patch: pdfseparate: Check XRef's
      Catalog for being a Dict
    - debian/patches/CVE-2022-37051.patch: Check isDict before calling
      getDict
    - debian/patches/CVE-2022-37052.patch: pdfseparate: Account for
      XRef::add failing because we run out of memory
    - debian/patches/CVE-2022-38349.patch: pdfunite: Fix crash on broken
      files
    - CVE-2022-37050
    - CVE-2022-37051
    - CVE-2022-37052
    - CVE-2022-38349

 -- Nishit Majithia <email address hidden>  Wed, 22 Nov 2023 11:22:05 +0530
Superseded in focal-updates
Superseded in focal-security 
poppler (0.86.1-0ubuntu1.3) focal-security; urgency=medium

  * SECURITY UPDATE: Infinite loop
    - d/p/0001-Fix-infinite-looping-in-cvtGlyph-with-broken-files.patch:
      Fix Infinite loop in FoFiType1C::cvtGlyph().
    - CVE-2020-36023
  * SECURITY UPDATE: NULL dereference
    - d/p/0002-FoFiType1C-Fix-crashes-with-broken-files.patch: Fix
      NULL dereference in FoFiType1C::convertToType1().
    - CVE-2020-36024

 -- Fabian Toepfer <email address hidden>  Wed, 16 Aug 2023 19:03:16 +0200
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
poppler (23.08.0-2ubuntu1) mantic; urgency=medium

  * Merge from Debian experimental (LP: #2031572).  Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there
  * Drop debian/patches/CVE-2023-34872.patch, fixed upstream.
Published in lunar-updates
Published in lunar-security 
poppler (22.12.0-2ubuntu1.1) lunar-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
    - CVE-2023-34872

 -- Marc Deslauriers <email address hidden>  Wed, 02 Aug 2023 14:49:30 -0400
Superseded in focal-updates
Superseded in focal-security 
poppler (0.86.1-0ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2022-27337.patch: bail out if we run out of file
      when reading in poppler/Hints.cc.
    - CVE-2022-27337

 -- Marc Deslauriers <email address hidden>  Wed, 02 Aug 2023 15:15:50 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
poppler (22.12.0-2ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
    - CVE-2023-34872

 -- Marc Deslauriers <email address hidden>  Wed, 02 Aug 2023 14:49:30 -0400
Superseded in jammy-updates
Superseded in jammy-security 
poppler (22.02.0-2ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2022-27337.patch: bail out if we run out of file
      when reading in poppler/Hints.cc.
    - CVE-2022-27337
  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
    - CVE-2023-34872

 -- Marc Deslauriers <email address hidden>  Wed, 02 Aug 2023 14:52:35 -0400
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
poppler (22.12.0-2ubuntu1) lunar; urgency=medium

  * Merge with Debian. Remaining change:
  * Don't build qt6 library on i386 since qt6 isn't available on Ubuntu there
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
poppler (22.12.0-1ubuntu2) lunar; urgency=medium

  * Rebuild

 -- Jeremy Bicha <email address hidden>  Fri, 16 Dec 2022 16:50:58 -0500
Superseded in lunar-proposed 
poppler (22.12.0-1ubuntu1) lunar; urgency=medium

  * Don't build QT6 library on i386 since QT6 isn't available on Ubuntu there

 -- Jeremy Bicha <email address hidden>  Fri, 16 Dec 2022 10:28:11 -0500
Superseded in lunar-proposed 
poppler (22.12.0-1) experimental; urgency=medium

  * Team upload

  [ Nathan Pratta Teodosio ]
  * New upstream release
  * Update library name to libpoppler126 to match soname

  [ Jeremy Bicha ]
  * Fix qt6 autopkgtest
  * debian/control: Set Rules-Requires-Root: no

 -- Nathan Pratta Teodosio <email address hidden>  Mon, 12 Dec 2022 14:16:40 -0300
Published in bionic-updates
Published in bionic-security 
poppler (0.62.0-2ubuntu2.14) bionic-security; urgency=medium

  * SECURITY REGRESSION: Adding missing install header
    - debian/patches/0001-Install-goo-GooCheckedOps.h.patch:
      this add goo/GooCheckedOps.h to the CMakeLists.txt in order
      to it be distributed in the libpoppler-private-dev that was
      missing in the previous fix for CVE-2022-38784. (LP: #1989515)

 -- Leonidas Da Silva Barbosa <email address hidden>  Wed, 14 Sep 2022 13:46:18 -0300
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
poppler (22.08.0-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * JBIG2Stream: Fix crash on broken file (CVE-2022-38784) (Closes: #1018971)

 -- Salvatore Bonaccorso <email address hidden>  Sat, 03 Sep 2022 21:30:51 +0200

Available diffs

Superseded in bionic-updates
Superseded in bionic-security 
poppler (0.62.0-2ubuntu2.13) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2022-38784-pre.patch: add checks in
      goo/GooCheckedOps.h, goo/gmem.h.
    - debian/patches/CVE-2022-38784.patch:Fix crash on broken file
      in poppler/JBIG2Stream.cc.
    - CVE-2022-38784

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 06 Sep 2022 08:10:42 -0300
Superseded in focal-updates
Superseded in focal-security 
poppler (0.86.1-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2022-38784.patch:Fix crash on broken file
      in poppler/JBIG2Stream.cc.
    - CVE-2022-38784

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 06 Sep 2022 07:53:20 -0300
Superseded in jammy-updates
Superseded in jammy-security 
poppler (22.02.0-2ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Integer Overflow
    - debian/patches/CVE-2022-38784.patch:Fix crash on broken file
      in poppler/JBIG2Stream.cc.
    - CVE-2022-38784

 -- Leonidas Da Silva Barbosa <email address hidden>  Tue, 06 Sep 2022 06:32:35 -0300
Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
poppler (22.08.0-2) unstable; urgency=medium

  * Team upload
  * Upload to unstable

 -- Jeremy Bicha <email address hidden>  Sun, 21 Aug 2022 13:13:33 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
poppler (22.08.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler123 to match soname
  * debian/libpoppler-glib8.symbols.in: Add new symbols

 -- Jeremy Bicha <email address hidden>  Wed, 10 Aug 2022 10:04:47 -0400

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
poppler (22.06.0-1) experimental; urgency=medium

  * New upstream version
  * libpoppler118->libpoppler122

 -- Nathan Pratta Teodosio <email address hidden>  Thu, 09 Jun 2022 21:47:08 -0300

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
poppler (22.02.0-3) unstable; urgency=medium

  * Release to unstable

 -- Jeremy Bicha <email address hidden>  Thu, 17 Mar 2022 12:55:43 -0400

Available diffs

Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
poppler (22.02.0-2) experimental; urgency=medium

  [ Steve Langasek ]
  * Add segfault-on-unset-catalog.patch:
    fix a segfault when a document does not have a catalog

  [ Jeremy Bicha ]
  * Add some optional symbols that show in 32-bit builds
  * Revert unneeded "debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL = 4"

 -- Jeremy Bicha <email address hidden>  Mon, 07 Feb 2022 08:17:59 -0500
Superseded in jammy-proposed 
poppler (22.02.0-0ubuntu2) jammy; urgency=medium

  * Add some optional symbols that show in 32-bit builds

 -- Jeremy Bicha <email address hidden>  Fri, 04 Feb 2022 10:10:14 -0500
Superseded in jammy-proposed 
poppler (22.02.0-0ubuntu1) jammy; urgency=medium

  [ Jeremy Bicha ]
  * Sync with Debian's git repo. Remaining change:

  [ Steve Langasek ]
  * Add segfault-on-unset-catalog.patch:
    fix a segfault when a document does not have a catalog
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
poppler (21.11.0-1~ubuntu2) jammy; urgency=medium

  * debian/patches/segfault-on-unset-catalog.patch: fix a segfault when
    a document does not have a catalog.

 -- Steve Langasek <email address hidden>  Wed, 08 Dec 2021 17:00:32 +0000
Superseded in jammy-proposed 
poppler (21.11.0-1~ubuntu1) jammy; urgency=medium

  * New upstream version
  * Updated for the soname change
  * Refreshed symbols for the new version

 -- Sebastien Bacher <email address hidden>  Tue, 02 Nov 2021 10:17:01 +0100
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
poppler (21.06.1-1) experimental; urgency=medium

  * New upstream version

 -- Sebastien Bacher <email address hidden>  Mon, 21 Jun 2021 16:27:09 +0200
Superseded in impish-proposed 
poppler (21.06.0-1) experimental; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control:
    - updated glib requirement
  * Updated symbols for the new version

 -- Sebastien Bacher <email address hidden>  Thu, 03 Jun 2021 12:23:29 +0200
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
poppler (21.06.0-0build1) impish; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control:
    - updated glib requirement
  * Updated symbols for the new version

 -- Sebastien Bacher <email address hidden>  Thu, 03 Jun 2021 12:23:29 +0200
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
poppler (21.02.0-1) experimental; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control: 
    - build-depends on libgdk-pixbuf-2.0-dev and libgtk-3-dev
    - updated standards version
  * debian/libpoppler-dev.install:
    - remove deprecated .pc for the list of files to install

 -- Sebastien Bacher <email address hidden>  Tue, 23 Feb 2021 15:40:38 +0100
Superseded in hirsute-proposed 
poppler (21.02.0-0build1) hirsute; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control:
    - build-depends on libgdk-pixbuf-2.0-dev and libgtk-3-dev
    - updated standards version
  * debian/libpoppler-dev.install:
    - remove deprecated .pc for the list of files to install

 -- Sebastien Bacher <email address hidden>  Tue, 23 Feb 2021 15:40:38 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
poppler (20.09.0-3.1) unstable; urgency=medium

  * debian/tests: make autopkgtests cross-test-friendly (Closes: #969726)

  [ Gianfranco Costamagna ]
  * add some optional symbols that appears/disappears when the source is
    built with -O3

 -- Sebastien Bacher <email address hidden>  Thu, 21 Jan 2021 16:40:36 +0100
Published in xenial-updates
Published in xenial-security 
poppler (0.41.0-0ubuntu1.16) xenial-security; urgency=medium

  * SECURITY REGRESSION: broken Splash output (LP: #1905741)
    - debian/rules: don't build with --enable-cmyk as this causes a
      regression with xpdf and gdal. This reverts the fix for
      CVE-2019-10871.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Nov 2020 10:59:16 -0500
Superseded in bionic-updates
Superseded in bionic-security 
poppler (0.62.0-2ubuntu2.12) bionic-security; urgency=medium

  * SECURITY REGRESSION: broken Splash output (LP: #1905741)
    - debian/rules: don't build with SPLASH_CMYK=ON as this causes a
      regression with xpdf and gdal. This reverts the fix for
      CVE-2019-10871.

 -- Marc Deslauriers <email address hidden>  Thu, 26 Nov 2020 10:55:59 -0500
Superseded in xenial-updates
Superseded in xenial-security 
poppler (0.41.0-0ubuntu1.15) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in Parser::makeStream
    - debian/patches/CVE-2018-21009.patch: check for overflow in
      poppler/Parser.cc.
    - CVE-2018-21009
  * SECURITY UPDATE: buffer overread in PSOutputDev::checkPageSlice
    - debian/rules: build with --enable-cmyk.
    - debian/patches/CVE-2019-10871-fix.patch: fix wrong width condition in
      splash/SplashBitmap.cc.
    - debian/patches/CVE-2019-10871-fix2.patch: add missing
      splashModeDeviceN8 in two switch statements in
      poppler/SplashOutputDev.cc.
    - CVE-2019-10871
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-13283.patch: fix invalid memory access in
      fofi/FoFiType1.cc.
    - CVE-2019-13283
  * SECURITY UPDATE: integer overflow leading to large memory allocation
    - debian/patches/CVE-2019-9959.patch: ignore dict Length if clearly
      broken in poppler/JPEG2000Stream.cc.
    - CVE-2019-9959
  * SECURITY UPDATE: DoS via buffer overflow in pdftohtml
    - debian/patches/CVE-2020-27778.patch: properly initialize
      HtmlOutputDev::page in utils/HtmlOutputDev.cc.
    - CVE-2020-27778

 -- Marc Deslauriers <email address hidden>  Wed, 25 Nov 2020 08:41:00 -0500
Superseded in bionic-updates
Superseded in bionic-security 
poppler (0.62.0-2ubuntu2.11) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow in Parser::makeStream
    - debian/patches/CVE-2018-21009.patch: check for overflow in
      poppler/Parser.cc.
    - CVE-2018-21009
  * SECURITY UPDATE: buffer overread in PSOutputDev::checkPageSlice
    - debian/rules: build with SPLASH_CMYK=ON.
    - debian/patches/CVE-2019-10871-fix.patch: fix wrong width condition in
      splash/SplashBitmap.cc.
    - debian/patches/CVE-2019-10871-fix2.patch: add missing
      splashModeDeviceN8 in two switch statements in
      poppler/SplashOutputDev.cc.
    - CVE-2019-10871
  * SECURITY UPDATE: integer overflow leading to large memory allocation
    - debian/patches/CVE-2019-9959.patch: ignore dict Length if clearly
      broken in poppler/JPEG2000Stream.cc.
    - CVE-2019-9959
  * SECURITY UPDATE: DoS via buffer overflow in pdftohtml
    - debian/patches/CVE-2020-27778.patch: properly initialize
      HtmlOutputDev::page in utils/HtmlOutputDev.cc.
    - CVE-2020-27778

 -- Marc Deslauriers <email address hidden>  Wed, 25 Nov 2020 07:34:40 -0500
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
poppler (20.09.0-3ubuntu1) hirsute; urgency=medium

  * Merge with Debian unstable, remaining changes:
    - debian/tests: Make autopkgtests cross-test-friendly.
    - Set some new symbols as optional to fix the s390x build.

 -- Dmitry Shachnev <email address hidden>  Wed, 04 Nov 2020 21:52:27 +0300
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
poppler (20.09.0-2ubuntu2) groovy; urgency=medium

  * debian: set some new symbols as option to fix the s390 build

 -- Sebastien Bacher <email address hidden>  Thu, 10 Sep 2020 11:51:10 +0200
Superseded in groovy-proposed 
poppler (20.09.0-2ubuntu1) groovy; urgency=medium

  * Resynchronize on Debian, remaining Ubuntu changes
  * debian/tests:
    - Make autopkgtests cross-test-friendly.

 -- Sebastien Bacher <email address hidden>  Mon, 07 Sep 2020 14:08:23 +0200
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.86.1-0ubuntu1) focal; urgency=medium

  * New upstream version (lp: #1865351)

 -- Sebastien Bacher <email address hidden>  Fri, 27 Mar 2020 17:31:07 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.85.0-1ubuntu3) focal; urgency=medium

  * debian/patches/glyphless-font.patch:
    - updated for the recent poppler upstream changes

 -- Sebastien Bacher <email address hidden>  Wed, 04 Mar 2020 19:09:31 +0100
Superseded in focal-proposed 
poppler (0.85.0-1ubuntu2) focal; urgency=medium

  * debian/patches/glyphless-font.patch:
    - restore a fix to the patch for a null pointer dereference which was
      reverted by error in the recent merge/update (lp: #1865861)

 -- Sebastien Bacher <email address hidden>  Wed, 04 Mar 2020 18:29:53 +0100

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.85.0-1ubuntu1) focal; urgency=medium

  * Resynchronize with Debian, removing the jpx parser CVE fixes since
    the openjpeg backend is used now. Remaining changes
  * d/p/glyphless-font.patch:
    - Support Tesseract's glyphless font (LP: #1830473)
  * debian/tests:
    - Make autopkgtests cross-test-friendly.

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.80.0-0ubuntu5) focal; urgency=medium

  * debian/control, debian/rules:
    - enabled the libopenjpg backend now that the MIR got approved
      (lp: #710412)

 -- Sebastien Bacher <email address hidden>  Thu, 06 Feb 2020 13:05:01 +0100

Available diffs

Obsolete in eoan-updates
Deleted in eoan-proposed (Reason: moved to -updates) 
poppler (0.80.0-0ubuntu1.1) eoan; urgency=medium

  * Fix null pointer dereference when checking for glyphless font,
    thanks to Enrik Berkhan (LP: #1849773)

 -- Julian Andres Klode <email address hidden>  Mon, 16 Dec 2019 21:41:17 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.80.0-0ubuntu4) focal; urgency=medium

  * debian/patches/glyphless-font.patch:
    - Detect glyphless font instead of hardcoding name, also fixes segmentation
      fault because name was nullptr (LP: #1849773)

 -- Julian Andres Klode <email address hidden>  Mon, 16 Dec 2019 21:17:56 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
poppler (0.80.0-0ubuntu3) focal; urgency=medium

  * debian/patches/git_python3_build.patch:
    - use python3 instead of python for the documentation build

 -- Sebastien Bacher <email address hidden>  Tue, 10 Dec 2019 16:27:07 +0100
Superseded in focal-proposed 
poppler (0.80.0-0ubuntu2) focal; urgency=medium

  * Make autopkgtests cross-test-friendly.

 -- Steve Langasek <email address hidden>  Sun, 08 Dec 2019 23:38:15 -0800

Available diffs

Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.80.0-0ubuntu1) eoan; urgency=medium

  * New upstream version
  * debian/control, debian/libpoppler87.install:
    - updated for the new soname version
  * Updated symbols files
  * debian/libpoppler90.doc:
    - updated for the README name change
  * debian/patches/CVE-2018-19058.patch,
    debian/patches/CVE-2019-10872.patch,
    debian/patches/276.patch:
    - removed, those changes are in the new version
  * Refreshed the patches

 -- Sebastien Bacher <email address hidden>  Tue, 13 Aug 2019 10:42:22 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu6) eoan; urgency=medium

  * debian/patches/glib_deprecation_warning.patch:
    - disable the GTime deprecation warnings that started with
      the new glib version, fix the autopkgtest

 -- Sebastien Bacher <email address hidden>  Mon, 26 Aug 2019 14:54:12 +0300

Available diffs

Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu5) eoan; urgency=medium

  * SECURITY UPDATE: Divide-by-zero error
    - debian/patches/CVE-2019-14494.patch: Fix crash on broken file
      in poppler/SplashOutputDev.cc.
    - CVE-2019-14494

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 12 Aug 2019 11:13:03 -0300

Available diffs

Obsolete in disco-updates
Obsolete in disco-security 
poppler (0.74.0-0ubuntu1.3) disco-security; urgency=medium

  * SECURITY UPDATE: Divide-by-zero error
    - debian/patches/CVE-2019-14494.patch: Fix crash on broken file
      in poppler/SplashOutputDev.cc.
    - CVE-2019-14494

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 07 Aug 2019 14:15:21 -0300
Superseded in bionic-updates
Superseded in bionic-security 
poppler (0.62.0-2ubuntu2.10) bionic-security; urgency=medium

  * SECURITY UPDATE: Divide-by-zero error
    - debian/patches/CVE-2019-14494.patch: Fix crash on broken file
      in poppler/SplashOutputDev.cc.
    - CVE-2019-14494

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 07 Aug 2019 14:12:48 -0300
Superseded in bionic-updates
Superseded in bionic-security 
poppler (0.62.0-2ubuntu2.9) bionic-security; urgency=medium

  * SECURITY UPDATE: memory leak in GfxColorSpace::setDisplayProfile
    - debian/patches/CVE-2018-18897.patch: enforcing single initialization
      in poppler/GfxState.cc, qt5/src/poppler-qt5.h.
    - CVE-2018-18897
  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a
      Dict in utils/pdfunite.cc.
    - CVE-2018-20662
  * SECURITY UPDATE: buffer over-read in downsample_row_box_filter
    - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values
      for box filter in poppler/CairoRescaleBox.cc.
    - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in
      rescale filter in poppler/CairoRescaleBox.cc.
    - CVE-2019-9631
  * SECURITY UPDATE: dict marking mishandling
    - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file
      in poppler/PDFDoc.cc.
    - CVE-2019-9903
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping
      boxes in splash/Splash.cc.
    - CVE-2019-10872
  * SECURITY UPDATE: buffer over-read in JPXStream::init
    - debian/patches/CVE-2019-12293.patch: fail gracefully if not all
      components have the same WxH in poppler/JPEG2000Stream.cc.
    - CVE-2019-12293

 -- Marc Deslauriers <email address hidden>  Wed, 26 Jun 2019 09:59:06 -0400
Superseded in xenial-updates
Superseded in xenial-security 
poppler (0.41.0-0ubuntu1.14) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in GfxImageColorMap::getGray
    - debian/patches/CVE-2017-9865.patch: clear buffers in
      utils/HtmlOutputDev.cc, utils/ImageOutputDev.cc.
    - CVE-2017-9865
  * SECURITY UPDATE: memory leak in GfxColorSpace::setDisplayProfile
    - debian/patches/CVE-2018-18897.patch: enforcing single initialization
      in poppler/GfxState.cc, qt5/src/poppler-qt5.h.
    - CVE-2018-18897
  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a
      Dict in utils/pdfunite.cc.
    - CVE-2018-20662
  * SECURITY UPDATE: buffer over-read in downsample_row_box_filter
    - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values
      for box filter in poppler/CairoRescaleBox.cc.
    - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in
      rescale filter in poppler/CairoRescaleBox.cc.
    - CVE-2019-9631
  * SECURITY UPDATE: dict marking mishandling
    - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file
      in poppler/PDFDoc.cc.
    - CVE-2019-9903
  * SECURITY UPDATE: DoS via FPE
    - debian/patches/CVE-2019-10018-10023.patch: check for zero in
      poppler/Function.cc.
    - CVE-2019-10018
    - CVE-2019-10023
  * SECURITY UPDATE: DoS via FPE
    - debian/patches/CVE-2019-10019.patch: check nStripes in
      poppler/PSOutputDev.cc.
    - CVE-2019-10019
  * SECURITY UPDATE: DoS via FPE
    - debian/patches/CVE-2019-10021.patch: check nBits in
      poppler/Stream.cc.
    - CVE-2019-10021
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping
      boxes in splash/Splash.cc.
    - CVE-2019-10872
  * SECURITY UPDATE: buffer over-read in JPXStream::init
    - debian/patches/CVE-2019-12293.patch: fail gracefully if not all
      components have the same WxH in poppler/JPEG2000Stream.cc.
    - CVE-2019-12293

 -- Marc Deslauriers <email address hidden>  Wed, 26 Jun 2019 10:14:59 -0400
Obsolete in cosmic-updates
Obsolete in cosmic-security 
poppler (0.68.0-0ubuntu1.7) cosmic-security; urgency=medium

  * SECURITY UPDATE: memory leak in GfxColorSpace::setDisplayProfile
    - debian/patches/CVE-2018-18897.patch: enforcing single initialization
      in poppler/GfxState.cc, qt5/src/poppler-qt5.h.
    - CVE-2018-18897
  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a
      Dict in utils/pdfunite.cc.
    - CVE-2018-20662
  * SECURITY UPDATE: buffer over-read in downsample_row_box_filter
    - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values
      for box filter in poppler/CairoRescaleBox.cc.
    - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in
      rescale filter in poppler/CairoRescaleBox.cc.
    - CVE-2019-9631
  * SECURITY UPDATE: dict marking mishandling
    - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file
      in poppler/PDFDoc.cc.
    - CVE-2019-9903
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping
      boxes in splash/Splash.cc.
    - CVE-2019-10872
  * SECURITY UPDATE: buffer over-read in JPXStream::init
    - debian/patches/CVE-2019-12293.patch: fail gracefully if not all
      components have the same WxH in poppler/JPEG2000Stream.cc.
    - CVE-2019-12293

 -- Marc Deslauriers <email address hidden>  Wed, 26 Jun 2019 09:43:05 -0400
Superseded in disco-updates
Superseded in disco-security 
poppler (0.74.0-0ubuntu1.2) disco-security; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a
      Dict in utils/pdfunite.cc.
    - CVE-2018-20662
  * SECURITY UPDATE: buffer underwrite in ImageStream::getLine()
    - debian/patches/CVE-2019-9200.patch: add check to poppler/Stream.cc.
    - CVE-2019-9200
  * SECURITY UPDATE: buffer over-read in downsample_row_box_filter
    - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values
      for box filter in poppler/CairoRescaleBox.cc.
    - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in
      rescale filter in poppler/CairoRescaleBox.cc.
    - CVE-2019-9631
  * SECURITY UPDATE: dict marking mishandling
    - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file
      in poppler/PDFDoc.cc.
    - CVE-2019-9903
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping
      boxes in splash/Splash.cc.
    - CVE-2019-10872
  * SECURITY UPDATE: NULL pointer dereference in SplashClip::clipAALine
    - debian/patches/CVE-2019-10873.patch: make sure the index of
      allIntersections we access is valid in splash/SplashXPathScanner.cc.
    - CVE-2019-10873
  * SECURITY UPDATE: buffer over-read in JPXStream::init
    - debian/patches/CVE-2019-12293.patch: fail gracefully if not all
      components have the same WxH in poppler/JPEG2000Stream.cc.
    - CVE-2019-12293

 -- Marc Deslauriers <email address hidden>  Wed, 26 Jun 2019 07:16:49 -0400

Available diffs

Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu4) eoan; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping
      boxes in splash/Splash.cc.
    - CVE-2019-10872

 -- Marc Deslauriers <email address hidden>  Tue, 25 Jun 2019 15:13:54 -0400
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu3) eoan; urgency=medium

  * d/p/glyphless-font.patch: Support Tesseract's glyphless font (LP: #1830473)

 -- Julian Andres Klode <email address hidden>  Sat, 25 May 2019 12:31:14 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu2) eoan; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read
    in JPXStream::init in JPEG2000Stream.cc
    - debian/patches/276.patch (Closes: #929423)
      upstream patch
    - CVE-2019-12293

 -- Gianfranco Costamagna <email address hidden>  Thu, 23 May 2019 16:48:32 +0200
Superseded in disco-updates
Deleted in disco-proposed (Reason: moved to -updates) 
poppler (0.74.0-0ubuntu1.1) disco; urgency=medium

  * debian/patches/git_unicode_search.patch:
    - backport a fix for a regression on case-insensitive search
      (lp: #1829785)

 -- Sebastien Bacher <email address hidden>  Tue, 21 May 2019 16:30:23 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
poppler (0.76.1-0ubuntu1) eoan; urgency=medium

  * New upstream release
    sed s/libpoppler82/libpoppler85/g

 -- Gianfranco Costamagna <email address hidden>  Tue, 07 May 2019 11:01:01 +0200
Superseded in cosmic-updates
Superseded in cosmic-security 
poppler (0.68.0-0ubuntu1.6) cosmic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-9200.patch: fix in
      poppler/Stream.cc.
    - CVE-2019-9200

 -- <email address hidden> (Leonidas S. Barbosa)  Thu, 28 Feb 2019 12:47:51 -0300
175 of 375 results FirstPreviousLast