Your message dated Mon, 20 Jan 2014 04:18:49 +0000
with message-id <[email protected]>
and subject line Bug#658264: fixed in xpdf 3.03-12
has caused the Debian Bug report #658264,
regarding linked poppler uses a different header file than xpdf to access the
same struct
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
658264: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658264
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xpdf
Version: 3.02-12+squeeze1
Severity: grave
The current xpdf build copies part of the files of the upstream xpdf
package into a fresh directory to then build this restricted subset and
link against libpoppler which was forked from another subset of upstream
xpdf.
xpdf/GlobalParams.cc is built, too, and its headers xpdf/GlobalParams.h
are used, although libpoppler which is linked against has its own
(significantly deviated) version of GlobalParams (The GlobalParams.h
included from poppler.h are never actually used because the xpdf/
version is included first; If you change the inclusion order the build
breaks). The result is the running program's libpoppler part working
with an old GlobalParams from xpdf/, which might break at some point or
even expose a security issue.
This is not a bug that has, for me, manifested in actual misbehaviour or
security problem, but I haven't spent the time to generate one, and
thought it might well be worth a bugreport nevertheless. Decided to tag
`grave' because I'm undecided about the actual severity, but I assume
there is the potential.
-Jens Stimpfle
--- End Message ---
--- Begin Message ---
Source: xpdf
Source-Version: 3.03-12
We believe that the bug you reported is fixed in the latest version of
xpdf, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Gilbert <[email protected]> (supplier of updated xpdf package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 20 Jan 2014 02:54:13 +0000
Source: xpdf
Binary: xpdf
Architecture: source amd64
Version: 3.03-12
Distribution: experimental
Urgency: low
Maintainer: Michael Gilbert <[email protected]>
Changed-By: Michael Gilbert <[email protected]>
Description:
xpdf - Portable Document Format (PDF) reader
Closes: 658264 679896 719224 725514 727070 728283
Changes:
xpdf (3.03-12) experimental; urgency=low
.
* Fix vcs-git url (closes: #728283).
* Support poppler 0.20 (closes: #679896).
* Support poppler 0.22 (closes: #719224).
* Drop binutils-gold conflict (closes: #725514).
* Separate xpdf-specific global parameters (closes: #658264, #727070).
- Thanks to Dmitry Shachnev!
Checksums-Sha1:
0d1d32adf3238f1dfe10498ff14ed06d3b48bdf0 2553 xpdf_3.03-12.dsc
6b7a377ebf861a02da7eeff7e1b369f32901bd03 36296 xpdf_3.03-12.debian.tar.xz
efa806481a96ee47d252703a58c606746c07c912 152570 xpdf_3.03-12_amd64.deb
Checksums-Sha256:
51f685eb602667c7f16ac9ba20b1edee72c96ad621e60b6665983de1c2acef85 2553
xpdf_3.03-12.dsc
41d570a3968229df381352855e9e16b879a983dae0efae80da04a857efeb45cb 36296
xpdf_3.03-12.debian.tar.xz
75454ccbac7831ef4e62c180079b2a33a56f205e265e26e41a1862393bf77a41 152570
xpdf_3.03-12_amd64.deb
Files:
0e020ca8e8dce6a356c85c0a45748741 2553 text optional xpdf_3.03-12.dsc
e2e8c171ef130c1aa4db87860b5f8aa3 36296 text optional xpdf_3.03-12.debian.tar.xz
da6d207db0639ee1734aada14b22dc5a 152570 text optional xpdf_3.03-12_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQQcBAEBCgAGBQJS3KKxAAoJELjWss0C1vRzMzQf/1+3AoRghBaRO47ASZOwuR5/
aUBQDItd901vE2IRnu/tPlhZIoGT7Pl+dBBLjH1X7mfKtjDGNFjwKwURGRlJlEr5
G1Pybx3eYchFCbZu++m2qhK2c58nZ6UGYY8yLmpQj5FfCqVcbPaZSY2xroyrxZ9q
NPLRwvODpFFpVWQ3QcVHsA8qiMaRz4BSPSGq5Wa4MCTXB2XeBtZNxCqeB8kyiENF
xsPYZkgXK+xlUS3ZwN0VkIDcEtT3jnR9fYxm8+lDCtoWPUbFFmH1TcLnrz+F8k6M
GVz0rnXa/5TvAK3+NHBpZx/Q/dkUOXoOohbI5RioWYowgyjhBFykCl/olwuH2zOq
De6VtVO8Nqqm9WN5iKvzCfy7u+2PKnBXb2MgIhFciuAiORa63fULkReDBBXyznB3
ka7uNJg02+cbgMErBgaELUn2aNvIJlbrWVzUw7uxs0wkmh+xOsK2jHtb+6HYXh3n
nv7+FgVVqNVrwj8mppyIwgpTfPrnTfaWGqkkIByRqtGI6GmtAckRHEK5C1cEhX5G
J5eMAC7LCr1iRVT6ildssgWp5AVI5BUs0My2qoUkRqMBTJ4BfCTBJGYqJmgIOb6s
R/mzhcsNg0HnNw2R8agLtUZhxF9p5WplwuUaqHxRltIunlPI4ifF7FP9HKHK5rOS
Qe/nOZeIU9B+XHQ1ZfCjjNDP7AmwU2UU2aaiQCdHsz9Lui1xjkXenkQEQh110LYV
GwTlKttDrZQkkj6ZStP0crHsZPtKtWXXoCRc/2qz/hVCp5zNFBDbLhYpU/VBWt7c
SvpebTxjYVvHWdISjgrlFXoAzRJkkYk32J6MeLQh/NFvFzNPxrWgW2B9N9MLX4DW
7w5TSblD+IP+fuXdVNLMvgFj+u0Kzy9tMP84Wd+zqORInLm+yXU0ur8VfANW4bw4
p2Ih1Xr8RFR4YE0/mMs4jmJ86A7bClqeWZ1u5SZzO+GJa0VacZat3pkbZ3Joyf0g
Yv2qnf2MzdE1LB/v7DGdFvxZclMQ/jppaJOFZm9+vDjqdDkg0Ri80of4nuUyh3wK
VFaH108idU0w35nVhSx4m6kBWamPHQC+sw6I/iMZSdqmtLwFg6cnM90L8mFaNX4m
9hLgmHXl7iv2cE2kUzMF9WkmOCqRP2GCzvC1h5oxs7M1VtiZbVvlcWhb6aC+QqqS
VERujBQuY+Iikahtl65QhmVgeqsEGxo4wfA8XNFQe6HNt41xOrExigGlyOaz4CAv
DoHP2lLUDh31LVRC2uy/BsQcGmqZNny6PLn+1N/XZzd4aIaSmIfYlX/wmkBjPJqQ
hU8VPUcnSEbzT+ib6A3s25RpnSBv8yECty5xiifH++oEWzuUdm/T6idMTlfPd9o=
=9W4g
-----END PGP SIGNATURE-----
--- End Message ---
