poppler 0.8.7-1ubuntu0.4 source package in Ubuntu
Changelog
poppler (0.8.7-1ubuntu0.4) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service or arbitrary code execution via
unsafe malloc usage
- debian/patches/65_security_CVE-2009-3605.patch: introduce gmallocn3
in goo/gmem.{cc,h} and replace malloc calls with safe versions in
glib/poppler-page.cc, poppler/{ArthurOutputDev,CairoOutputDev,
GfxState,JBIG2Stream,PSOutputDev,SplashOutputDev}.cc,
splash/{SplashBitmap,Splash,SplashFTFont}.cc.
- CVE-2009-3605
* SECURITY UPDATE: denial of service via invalid Form Opt entry
(LP: #321764)
- debian/patches/66_security_CVE-2009-0755.patch: handle invalid Opt
entry gracefully in poppler/Form.cc.
- CVE-2009-0755
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in rowSize computation
- debian/patches/67_security_CVE-2009-360x.patch: make sure width value
is sane in splash/SplashBitmap.cc.
- CVE-2009-3603
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in pixel buffer size calculation
- debian/patches/67_security_CVE-2009-360x.patch: make sure yp value
is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
- CVE-2009-3604
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in object stream handling
- debian/patches/67_security_CVE-2009-360x.patch: limit number of
nObjects in poppler/XRef.cc.
- CVE-2009-3608
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflow in ImageStream::ImageStream
- debian/patches/67_security_CVE-2009-360x.patch: check size of width
and nComps in poppler/Stream.cc.
- CVE-2009-3609
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in create_surface_from_thumbnail_data
- debian/patches/68_security_CVE-2009-3607.patch: eliminate g_malloc in
glib/poppler-page.cc.
- CVE-2009-3607
-- Marc Deslauriers <email address hidden> Tue, 20 Oct 2009 09:23:31 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Intrepid
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- devel
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| poppler_0.8.7.orig.tar.gz | 1.4 MiB | 3f96dee17eecf16cfd3cae711819f07b42fcc512c3151cc8b911b19ccecf22f7 |
| poppler_0.8.7-1ubuntu0.4.diff.gz | 23.6 KiB | 775360ebacbc354829a91e71235a4efcff39ca74102229083bfda9616b835eb3 |
| poppler_0.8.7-1ubuntu0.4.dsc | 1.6 KiB | f63b8b1f5745356f0e3240df45ce520611224777bf9d60869f23ec72a5d19e62 |
Available diffs
Binary packages built by this source
- libpoppler-dev: No summary available for libpoppler-dev in ubuntu intrepid.
No description available for libpoppler-dev in ubuntu intrepid.
- libpoppler-glib-dev: No summary available for libpoppler-glib-dev in ubuntu intrepid.
No description available for libpoppler-glib-dev in ubuntu intrepid.
- libpoppler-glib3: No summary available for libpoppler-glib3 in ubuntu intrepid.
No description available for libpoppler-glib3 in ubuntu intrepid.
- libpoppler-qt-dev: No summary available for libpoppler-qt-dev in ubuntu intrepid.
No description available for libpoppler-qt-dev in ubuntu intrepid.
- libpoppler-qt2: No summary available for libpoppler-qt2 in ubuntu intrepid.
No description available for libpoppler-qt2 in ubuntu intrepid.
- libpoppler-qt4-3: No summary available for libpoppler-qt4-3 in ubuntu intrepid.
No description available for libpoppler-qt4-3 in ubuntu intrepid.
- libpoppler-qt4-dev: No summary available for libpoppler-qt4-dev in ubuntu intrepid.
No description available for libpoppler-qt4-dev in ubuntu intrepid.
- libpoppler3: No summary available for libpoppler3 in ubuntu intrepid.
No description available for libpoppler3 in ubuntu intrepid.
- poppler-dbg: No summary available for poppler-dbg in ubuntu intrepid.
No description available for poppler-dbg in ubuntu intrepid.
- poppler-utils: No summary available for poppler-utils in ubuntu intrepid.
No description available for poppler-utils in ubuntu intrepid.
