poppler 0.6.4-1ubuntu3.3 source package in Ubuntu

Changelog

poppler (0.6.4-1ubuntu3.3) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service or arbitrary code execution via
    unsafe malloc usage
    - debian/patches/105_security_CVE-2009-3605.patch: introduce gmallocn3
      in goo/gmem.{cc,h} and replace malloc calls with safe versions in
      glib/poppler-page.cc, poppler/{ArthurOutputDev,CairoOutputDev,
      GfxState,JBIG2Stream,PSOutputDev,SplashOutputDev}.cc,
      splash/{SplashBitmap,Splash,SplashFTFont}.cc.
    - CVE-2009-3605
  * SECURITY UPDATE: denial of service via invalid Form Opt entry
    (LP: #321764)
    - debian/patches/106_security_CVE-2009-0755.patch: handle invalid Opt
      entry gracefully in poppler/Form.cc.
    - CVE-2009-0755
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in rowSize computation
    - debian/patches/107_security_CVE-2009-360x.patch: make sure width
      value is sane in splash/SplashBitmap.cc.
    - CVE-2009-3603
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in pixel buffer size calculation
    - debian/patches/107_security_CVE-2009-360x.patch: make sure yp value
      is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
    - CVE-2009-3604
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in object stream handling
    - debian/patches/107_security_CVE-2009-360x.patch: limit number of
      nObjects in poppler/XRef.cc.
    - CVE-2009-3608
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    integer overflow in ImageStream::ImageStream
    - debian/patches/107_security_CVE-2009-360x.patch: check size of width
      and nComps in poppler/Stream.cc.
    - CVE-2009-3609

 -- Marc Deslauriers <email address hidden>   Mon, 19 Oct 2009 11:14:11 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2009-10-20
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Component:
main
Architectures:
any
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
poppler_0.6.4.orig.tar.gz 1.2 MiB 13d12ca4e349574cfbbcf4a9b2b3ae52
poppler_0.6.4-1ubuntu3.3.diff.gz 21.5 KiB dc4e94beeae281169523c1e7d2e10c73
poppler_0.6.4-1ubuntu3.3.dsc 1.2 KiB ec6fcf282f0db7c3d787e238d31673aa

View changes file

Binary packages built by this source

libpoppler-dev: PDF rendering library -- development files

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package contains the headers and development libraries needed to
 build applications using Poppler.

libpoppler-glib-dev: PDF rendering library -- development files (GLib interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a GLib-style interface to Poppler.

libpoppler-glib2: PDF rendering library (GLib-based shared library)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides the GLib-based shared library for applications
 using the GLib interface to Poppler.

libpoppler-qt-dev: PDF rendering library -- development files (Qt 3 interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a Qt 3 style interface to Poppler.

libpoppler-qt2: PDF rendering library (Qt 3 based shared library)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides the Qt 3 based shared library for applications
 using the Qt 3 interface to Poppler.

libpoppler-qt4-2: PDF rendering library (Qt 4 based shared library)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides the Qt 4 based shared library for applications
 using the Qt 4 interface to Poppler.

libpoppler-qt4-dev: PDF rendering library -- development files (Qt 4 interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a Qt 4 style interface to Poppler.

libpoppler2: PDF rendering library

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package contains the shared library.

poppler-utils: PDF utilitites (based on libpoppler)

 This package contains pdftops (PDF to PostScript converter), pdfinfo
 (PDF document information extractor), pdfimages (PDF image extractor),
 pdftohtml (PDF to HTML converter), pdftotext (PDF to text converter),
 and pdffonts (PDF font analyzer).