poppler 0.5.1-0ubuntu7.6 source package in Ubuntu

Changelog

poppler (0.5.1-0ubuntu7.6) dapper-security; urgency=low

  * SECURITY UPDATE: unsafe malloc usage
    - debian/patches/104_security_CVE-2009-3605.patch: introduce gmallocn3
      and add additional allocation size checks in goo/gmem.{c,h}, replace
      malloc calls with safe versions in glib/poppler-page.cc,
      poppler/{ArthurOutputDev,CairoOutputDev,GfxState,JBIG2Stream,
      PSOutputDev,SplashOutputDev}.cc, splash/{Splash,SplashFTFont}.cc.
    - CVE-2009-3605
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in rowSize computation
    - debian/patches/105_security_CVE-2009-360x.patch: make sure width
      value is sane in splash/SplashBitmap.cc.
    - CVE-2009-3603
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in pixel buffer size calculation
    - debian/patches/105_security_CVE-2009-360x.patch: make sure yp value
      is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
    - CVE-2009-3604
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in object stream handling
    - debian/patches/105_security_CVE-2009-360x.patch: limit number of
      nObjects in poppler/XRef.cc.
    - CVE-2009-3608
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    integer overflow in ImageStream::ImageStream
    - debian/patches/105_security_CVE-2009-360x.patch: check size of width
      and nComps in poppler/Stream.cc.
    - CVE-2009-3609

 -- Marc Deslauriers <email address hidden>   Mon, 19 Oct 2009 19:27:20 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2009-10-20
Uploaded to:
Dapper
Original maintainer:
Ondřej Surý
Component:
main
Architectures:
any
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
poppler_0.5.1.orig.tar.gz 932.5 KiB a136cd731892f4570933034ba97c8704
poppler_0.5.1-0ubuntu7.6.diff.gz 25.4 KiB c8e36cb77908ace0ef50d06c13519c1c
poppler_0.5.1-0ubuntu7.6.dsc 1.7 KiB 089921510c5d3b3b50309f0506bc2164

View changes file

Binary packages built by this source

libpoppler-dev: No summary available for libpoppler-dev in ubuntu dapper.

No description available for libpoppler-dev in ubuntu dapper.

libpoppler-glib-dev: No summary available for libpoppler-glib-dev in ubuntu dapper.

No description available for libpoppler-glib-dev in ubuntu dapper.

libpoppler-qt-dev: No summary available for libpoppler-qt-dev in ubuntu dapper.

No description available for libpoppler-qt-dev in ubuntu dapper.

libpoppler1: No summary available for libpoppler1 in ubuntu dapper.

No description available for libpoppler1 in ubuntu dapper.

libpoppler1-glib: No summary available for libpoppler1-glib in ubuntu dapper.

No description available for libpoppler1-glib in ubuntu dapper.

libpoppler1-qt: No summary available for libpoppler1-qt in ubuntu dapper.

No description available for libpoppler1-qt in ubuntu dapper.

poppler-utils: No summary available for poppler-utils in ubuntu dapper.

No description available for poppler-utils in ubuntu dapper.