-
evince (3.18.2-1ubuntu4.6) xenial-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2019-1010006-*.patch: remove unused configure
check for cairo_format_stride_for_width and fix overflow checks
in backend/tiff/tiff-document.c.
- CVE-2019-1010006
-- <email address hidden> (Leonidas S. Barbosa) Wed, 17 Jul 2019 09:48:28 -0300
-
evince (3.18.2-1ubuntu4.5) xenial-security; urgency=medium
* apparmor-profile: apply hardening from Ubuntu 18.10
- add preamble for expectations of the profile
- evince{-previewer}: restrict access to DBus system bus (we allow full
access to session, translation and accessibility buses for compatibility)
+ allow Get* to anything polkit allows
+ allow talking to avahi (for printing)
+ allow talking to colord (for printing)
- make the thumbnailer more restrictive (LP: #1794848) (Closes: #909849)
+ remove evince abstraction and use only what is needed from it
+ limit access to DBus session bus
+ generally disallow writes
+ allow reads for non-hidden files
* debian/apparmor-profile.abstraction: apply hardening from Ubuntu 18.10
- disallow access to the dirs of private files (LP: #1788929)
* debian/apparmor-profile: allow /bin/env ixr
-- Jamie Strandboge <email address hidden> Tue, 18 Jun 2019 19:28:02 +0000
-
evince (3.18.2-1ubuntu4.4) xenial-security; urgency=medium
* SECURITY UPDATE: Uninitialized memory use
- debian/patches/CVE-2019-11459.patch: handle failure
from TIFFREADGBAImageOriented, returning NULL instead
of displaying uninitialized memory in backend/tiff/tiff-document.c.
- CVE-2019-11459
-- <email address hidden> (Leonidas S. Barbosa) Thu, 25 Apr 2019 12:31:44 -0300
-
evince (3.18.2-1ubuntu4.3) xenial-security; urgency=medium
* SECURITY UPDATE: command injection in dvi backend
- debian/patches/CVE-2017-1000159.patch: properly quote filename in
backend/dvi/dvi-document.c.
- CVE-2017-1000159
-- Marc Deslauriers <email address hidden> Thu, 30 Nov 2017 14:10:45 -0500
-
evince (3.18.2-1ubuntu4.2) xenial; urgency=medium
* debian/patches/git_mimetype_typo.patch:
- remove trailing ";" which leads to non working mailcap, regression
introduced in the previous upload (lp: #1716357)
-- Sebastien Bacher <email address hidden> Fri, 29 Sep 2017 15:17:37 -0400
-
evince (3.18.2-1ubuntu4.1) xenial-security; urgency=medium
* SECURITY UPDATE: command injection via cbt files
- debian/patches/CVE-2017-1000083.patch: disable cbt support
entirely as not widely used.
- CVE-2017-1000083
-- Steve Beattie <email address hidden> Tue, 11 Jul 2017 22:53:52 -0700
-
evince (3.18.2-1ubuntu4) xenial; urgency=medium
* debian/control:
- Set breaks/replaces for .desktop file moves
* debian/evince.install:
* debian/evince-common.install:
- Move .desktop files from -common to the main binary (LP: #1553156)
- Remove reference to obsolete evince-gtk.desktop
-- Robert Ancell <email address hidden> Tue, 08 Mar 2016 21:40:27 +1300
-
evince (3.18.2-1ubuntu3) xenial; urgency=medium
* Rebuild with the new poppler soname
-- Sebastien Bacher <email address hidden> Fri, 26 Feb 2016 19:52:08 +0100
-
evince (3.18.2-1ubuntu2) xenial; urgency=medium
* Multiarchify the library packages. LP: #1508590.
* libevdocument3-4: Breaks: evince-hwp (<< 0.1.1-2ubuntu1).
-- Matthias Klose <email address hidden> Wed, 24 Feb 2016 16:30:05 +0100
-
evince (3.18.2-1ubuntu1) xenial; urgency=medium
* Resynchronize on Debian including fixed PIE build (lp: #1496548),
remaining changes
* debian/apparmor-profile:
* debian/apparmor-profile.abstraction:
* debian/evince.apport:
* debian/evince-common.dirs:
- Ubuntu apparmor profile
* debian/control:
- Build-Depend on dh-apparmor and libgrip-dev
- don't depends on gnome-icon-theme-symbolic it's deprecated and
replaced by the adwaita theme (lp: #1510819)
- Suggests on apparmor
* debian/patches/git_sidebar_label.patch:
- show the page label instead of page number (lp: #1506967)
* debian/patches/traditional_menu_bar.patch:
- use traditionnal menubars under Unity, updated to show the buttons
in the window as well as upstream does (less change and clean
warnings displayed on start before)
* debian/patches/unity_normal_titlebar.patch:
- use traditionnal titlebar out of gnome-shell
* debian/rules:
- install apparmor and apport files, update translations template
evince (3.18.2-1) unstable; urgency=medium
* New upstream release.
-- Sebastien Bacher <email address hidden> Thu, 12 Nov 2015 19:05:03 +0100
-
evince (3.18.1-1ubuntu2) xenial; urgency=medium
* debian/control.in:
- don't depends on gnome-icon-theme-symbolic it's deprecated and
replaced by the adwaita theme (lp: #1510819)
-- Sebastien Bacher <email address hidden> Thu, 29 Oct 2015 10:34:29 +0100
-
evince (3.18.1-1ubuntu1) xenial; urgency=medium
* Resynchronize on Debian including fixed PIE build (lp: #1496548),
remaining changes
* debian/apparmor-profile:
* debian/apparmor-profile.abstraction:
* debian/evince.apport:
* debian/evince-common.dirs:
- Ubuntu apparmor profile
* debian/control:
- Build-Depend on dh-apparmor and libgrip-dev
- Suggests on apparmor
* debian/patches/git_sidebar_label.patch:
- show the page label instead of page number (lp: #1506967)
* debian/patches/traditional_menu_bar.patch:
- use traditionnal menubars under Unity, updated to show the buttons
in the window as well as upstream does (less change and clean
warnings displayed on start before)
* debian/patches/unity_normal_titlebar.patch:
- use traditionnal titlebar out of gnome-shell
* debian/rules:
- install apparmor and apport files, update translations template
evince (3.18.1-1) unstable; urgency=medium
[ Andreas Henriksson ]
* libevview3-3: depend on gstreamer1.0-plugins-base
- for playbin plugin
[ Michael Biebl ]
* New upstream release.
* Update Depends of libevince-dev as per evince-document-3.0.pc:
- Bump libgtk-3-dev to (>= 3.16.0)
- Bump libglib2.0-dev to (>= 2.36.0)
-- Sebastien Bacher <email address hidden> Tue, 27 Oct 2015 11:00:30 +0100
-
evince (3.16.1-0ubuntu1) wily; urgency=medium
* New upstream release
* debian/control:
- Bump build-depends on libgtk-3-dev
* debian/libevdocument3-4.symbols:
- Updated
* debian/patches/0001-Don-t-hide-the-titlebar-when-the-window-is-maximized.patch:
- Applied upstream
-- Robert Ancell <email address hidden> Wed, 10 Jun 2015 14:48:05 +1200