poppler 0.8.7-1ubuntu0.4 source package in Ubuntu

Changelog

poppler (0.8.7-1ubuntu0.4) intrepid-security; urgency=low

  * SECURITY UPDATE: denial of service or arbitrary code execution via
    unsafe malloc usage
    - debian/patches/65_security_CVE-2009-3605.patch: introduce gmallocn3
      in goo/gmem.{cc,h} and replace malloc calls with safe versions in
      glib/poppler-page.cc, poppler/{ArthurOutputDev,CairoOutputDev,
      GfxState,JBIG2Stream,PSOutputDev,SplashOutputDev}.cc,
      splash/{SplashBitmap,Splash,SplashFTFont}.cc.
    - CVE-2009-3605
  * SECURITY UPDATE: denial of service via invalid Form Opt entry
    (LP: #321764)
    - debian/patches/66_security_CVE-2009-0755.patch: handle invalid Opt
      entry gracefully in poppler/Form.cc.
    - CVE-2009-0755
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in rowSize computation
    - debian/patches/67_security_CVE-2009-360x.patch: make sure width value
      is sane in splash/SplashBitmap.cc.
    - CVE-2009-3603
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in pixel buffer size calculation
    - debian/patches/67_security_CVE-2009-360x.patch: make sure yp value
      is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
    - CVE-2009-3604
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in object stream handling
    - debian/patches/67_security_CVE-2009-360x.patch: limit number of
      nObjects in poppler/XRef.cc.
    - CVE-2009-3608
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    integer overflow in ImageStream::ImageStream
    - debian/patches/67_security_CVE-2009-360x.patch: check size of width
      and nComps in poppler/Stream.cc.
    - CVE-2009-3609
  * SECURITY UPDATE: denial of service or arbitrary code execution via
    overflow in create_surface_from_thumbnail_data
    - debian/patches/68_security_CVE-2009-3607.patch: eliminate g_malloc in
      glib/poppler-page.cc.
    - CVE-2009-3607

 -- Marc Deslauriers <email address hidden>   Tue, 20 Oct 2009 09:23:31 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2009-10-20
Uploaded to:
Intrepid
Original maintainer:
Ubuntu Development Team
Component:
main
Architectures:
any
Section:
devel
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
poppler_0.8.7.orig.tar.gz 1.4 MiB 9af81429d6f8639c357a5eed25583365
poppler_0.8.7-1ubuntu0.4.diff.gz 23.6 KiB 1da9804b9914b0af10e74e62c9df03c7
poppler_0.8.7-1ubuntu0.4.dsc 1.6 KiB 61fc879aeed7bee88fc003d4adb2da06

View changes file

Binary packages built by this source

libpoppler-dev: PDF rendering library -- development files

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package contains the headers and development libraries needed to
 build applications using Poppler.

libpoppler-glib-dev: PDF rendering library -- development files (GLib interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a GLib-style interface to Poppler.

libpoppler-glib3: No summary available for libpoppler-glib3 in ubuntu intrepid.

No description available for libpoppler-glib3 in ubuntu intrepid.

libpoppler-qt-dev: PDF rendering library -- development files (Qt 3 interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a Qt 3 style interface to Poppler.

libpoppler-qt2: PDF rendering library (Qt 3 based shared library)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides the Qt 3 based shared library for applications
 using the Qt 3 interface to Poppler.

libpoppler-qt4-3: No summary available for libpoppler-qt4-3 in ubuntu intrepid.

No description available for libpoppler-qt4-3 in ubuntu intrepid.

libpoppler-qt4-dev: PDF rendering library -- development files (Qt 4 interface)

 Poppler is a PDF rendering library based on xpdf PDF viewer.
 .
 This package provides a Qt 4 style interface to Poppler.

libpoppler3: No summary available for libpoppler3 in ubuntu intrepid.

No description available for libpoppler3 in ubuntu intrepid.

poppler-dbg: No summary available for poppler-dbg in ubuntu intrepid.

No description available for poppler-dbg in ubuntu intrepid.

poppler-utils: PDF utilitites (based on libpoppler)

 This package contains pdftops (PDF to PostScript converter), pdfinfo
 (PDF document information extractor), pdfimages (PDF image extractor),
 pdftohtml (PDF to HTML converter), pdftotext (PDF to text converter),
 and pdffonts (PDF font analyzer).