Format: 1.8 Date: Wed, 26 Jun 2019 07:16:49 -0400 Source: poppler Binary: gir1.2-poppler-0.18 libpoppler-cpp-dev libpoppler-cpp0v5 libpoppler-dev libpoppler-glib-dev libpoppler-glib-doc libpoppler-glib8 libpoppler-private-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler85 poppler-utils Architecture: amd64 all Version: 0.74.0-0ubuntu1.2 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gir1.2-poppler-0.18 - GObject introspection data for poppler-glib libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface) libpoppler-cpp0v5 - PDF rendering library (CPP shared library) libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface libpoppler-glib8 - PDF rendering library (GLib-based shared library) libpoppler-private-dev - PDF rendering library -- private development files libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library) libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface) libpoppler85 - PDF rendering library poppler-utils - PDF utilities (based on Poppler) Changes: poppler (0.74.0-0ubuntu1.2) disco-security; urgency=medium . * SECURITY UPDATE: DoS via crafted PDF file - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a Dict in utils/pdfunite.cc. - CVE-2018-20662 * SECURITY UPDATE: buffer underwrite in ImageStream::getLine() - debian/patches/CVE-2019-9200.patch: add check to poppler/Stream.cc. - CVE-2019-9200 * SECURITY UPDATE: buffer over-read in downsample_row_box_filter - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values for box filter in poppler/CairoRescaleBox.cc. - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in rescale filter in poppler/CairoRescaleBox.cc. - CVE-2019-9631 * SECURITY UPDATE: dict marking mishandling - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file in poppler/PDFDoc.cc. - CVE-2019-9903 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping boxes in splash/Splash.cc. - CVE-2019-10872 * SECURITY UPDATE: NULL pointer dereference in SplashClip::clipAALine - debian/patches/CVE-2019-10873.patch: make sure the index of allIntersections we access is valid in splash/SplashXPathScanner.cc. - CVE-2019-10873 * SECURITY UPDATE: buffer over-read in JPXStream::init - debian/patches/CVE-2019-12293.patch: fail gracefully if not all components have the same WxH in poppler/JPEG2000Stream.cc. - CVE-2019-12293 Checksums-Sha1: d3e024cf68a6a8a70521d1095d69ba94c5746897 19720 gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_amd64.deb 3009f126324fa90347c3bdf123bfbd641e5f50fb 10124 libpoppler-cpp-dev_0.74.0-0ubuntu1.2_amd64.deb e6af601b0529b15aee50b3c108f3ca005c193f4d 885868 libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 35d07a2e2f6f4b343da3361ce3cbfabc2c900b5b 35284 libpoppler-cpp0v5_0.74.0-0ubuntu1.2_amd64.deb a225adb20f994e7ae9d529a30f52bb865a3ffeec 5112 libpoppler-dev_0.74.0-0ubuntu1.2_amd64.deb b3a68ec71c899ded68f71f75c5d9001a91e8c1a5 57784 libpoppler-glib-dev_0.74.0-0ubuntu1.2_amd64.deb 0d9d628154465f6a06329e796a20dc39555f2346 76208 libpoppler-glib-doc_0.74.0-0ubuntu1.2_all.deb 6dd7b39af5cedaf751f974dfbbfaf910fd5f4bae 1690052 libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb baf510f0f7dace8546669ff8aae8ee4e6dcdd518 105812 libpoppler-glib8_0.74.0-0ubuntu1.2_amd64.deb 5a235d1b71086756b6c9a6a86471b33fc4024bbb 174228 libpoppler-private-dev_0.74.0-0ubuntu1.2_amd64.deb cfa3c5e29c92008d24a5ceffd90b96a2da6af72f 4654084 libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb a71d3f70eb0af36a708fdf5b07174638d1824a6a 143052 libpoppler-qt5-1_0.74.0-0ubuntu1.2_amd64.deb d61342889c11095609e8b17a5e911b88c5757cf7 34768 libpoppler-qt5-dev_0.74.0-0ubuntu1.2_amd64.deb 36118900d75c44833f7d2b8d7b551665a26d7ef8 7826596 libpoppler85-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb a914a8d9f6e58cca75f3cd1e4079eb491f781308 895112 libpoppler85_0.74.0-0ubuntu1.2_amd64.deb da9698a43630d9be318e224e308faacd77d5923b 2968072 poppler-utils-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb b2e85794699587d71fa74200ecba2847c826dff6 166276 poppler-utils_0.74.0-0ubuntu1.2_amd64.deb ba321379498632863ef62f67a0fd78714868593a 18973 poppler_0.74.0-0ubuntu1.2_amd64.buildinfo Checksums-Sha256: 62a2e24bbee79a1e61993f66569b7a0518e1ffb1126084b9576cb23e7708c066 19720 gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_amd64.deb 0af52bcd266140007bafe22fbdbdaa958e5c94a2d7a33e8f10fddfa070080c62 10124 libpoppler-cpp-dev_0.74.0-0ubuntu1.2_amd64.deb f0fe72da41e1e1557ed043ecbc5e69007cbdad4d19ede1125d7c7b538bddc84e 885868 libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 4eccf84e658181270710eee0e24c6b525fb0a96ce7bab43d0c823cd5a9dc15c7 35284 libpoppler-cpp0v5_0.74.0-0ubuntu1.2_amd64.deb 23b3dc2f9f3104a9ca99c6f225c4ea989c3bf65a4f9d8bf64b3b3acc07387169 5112 libpoppler-dev_0.74.0-0ubuntu1.2_amd64.deb 6dd19ee38f2938d59a724d063bfe6a442c302a8407d4286465a2c539e271935a 57784 libpoppler-glib-dev_0.74.0-0ubuntu1.2_amd64.deb de527427a88cf524bbd117da2319eeb31f130b6d1839e09666eddedc6a423150 76208 libpoppler-glib-doc_0.74.0-0ubuntu1.2_all.deb a0f5fc37b24301ccb8161f0e2dee6c4be1012ed68626611e7f21ceeb959ba3fa 1690052 libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb d3ecdf5f14d12ff7333ca759c08899f7c02b1f6403f3c66f451af873e39f4de1 105812 libpoppler-glib8_0.74.0-0ubuntu1.2_amd64.deb ccebf811e755b2f53e278e70e9e54b243a9b071e93fbf68b225e751379b0c00c 174228 libpoppler-private-dev_0.74.0-0ubuntu1.2_amd64.deb 629280a787630d3386ebc6b69dedebb03d5b0b1cb612432d8bd403bd24608de5 4654084 libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 33854549a5c2dc22b6d3715046ad87b30daf86dc402361f0a601d2de06157f50 143052 libpoppler-qt5-1_0.74.0-0ubuntu1.2_amd64.deb 49f12d0839630790b129a3cd9540973bd207ac169339f4f596d891e81e216318 34768 libpoppler-qt5-dev_0.74.0-0ubuntu1.2_amd64.deb b9fd495cca3a727c1efebe7a9c42d9a8388f7e98a276c5a260d94c804eff31dc 7826596 libpoppler85-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 60de5f118fd5d9dc62706da6e016d9f917378855967ed9cbd71949900f625264 895112 libpoppler85_0.74.0-0ubuntu1.2_amd64.deb f3579a55611bd11199387bb474ed402bb209040a5c87cc8acaee31cb0e995c2f 2968072 poppler-utils-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 092498ece7c819312e41a4cd4ef0e0e86f24094568a1b4cd4e8d0ce36b8103f1 166276 poppler-utils_0.74.0-0ubuntu1.2_amd64.deb ab2eefcee05ef85e1639cb05789b4b945d4b295c06a1dc5579738975fa6c8f9e 18973 poppler_0.74.0-0ubuntu1.2_amd64.buildinfo Files: b4b192b0dac7f8f19df95612118f45ce 19720 introspection optional gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_amd64.deb f6ee9a79e350f1810315b25ff66fcdfb 10124 libdevel optional libpoppler-cpp-dev_0.74.0-0ubuntu1.2_amd64.deb 8ad1ab26e59286e573459edd325ce6bc 885868 debug optional libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 520e28a52c75d66ceacd5b9184fd3475 35284 libs optional libpoppler-cpp0v5_0.74.0-0ubuntu1.2_amd64.deb 0f96f097751080a39f9311a7d8331ff9 5112 libdevel optional libpoppler-dev_0.74.0-0ubuntu1.2_amd64.deb 414f02dc828ccb5859a38690972e12fa 57784 libdevel optional libpoppler-glib-dev_0.74.0-0ubuntu1.2_amd64.deb 5c13c30ab334eaf0f508f84b5ff7eff6 76208 doc optional libpoppler-glib-doc_0.74.0-0ubuntu1.2_all.deb c83b15cf3e3e7c900f72dcf1b7a120fd 1690052 debug optional libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 97792e8f29afe2a9cd5458488547b654 105812 libs optional libpoppler-glib8_0.74.0-0ubuntu1.2_amd64.deb 1fda17fd6be08562fcc7fb9589a61ee6 174228 libdevel optional libpoppler-private-dev_0.74.0-0ubuntu1.2_amd64.deb f865ef95f4eba4fa3f55a7ec6187db03 4654084 debug optional libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb fea397017a5847bfcac575afb7446f6f 143052 libs optional libpoppler-qt5-1_0.74.0-0ubuntu1.2_amd64.deb 15bfe8c25938c31cd948324ac6c8c5f8 34768 libdevel optional libpoppler-qt5-dev_0.74.0-0ubuntu1.2_amd64.deb e20ec06126e3880f6f8e4d155669e94b 7826596 debug optional libpoppler85-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 982bd525d8a7f0296ccf76e88466fa5b 895112 libs optional libpoppler85_0.74.0-0ubuntu1.2_amd64.deb e61c5c097c05a69ecd1202f9971413b6 2968072 debug optional poppler-utils-dbgsym_0.74.0-0ubuntu1.2_amd64.ddeb 2c8a60c8ba30953ae406725aceb197cc 166276 utils optional poppler-utils_0.74.0-0ubuntu1.2_amd64.deb f577cb140c087a350ce90972efe3bb79 18973 devel optional poppler_0.74.0-0ubuntu1.2_amd64.buildinfo Original-Maintainer: Debian freedesktop.org maintainers