poppler (0.10.5-1ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: denial of service and possible code execution from
multiple integer overflows, buffer overflows, and other issues with
JBIG2 decoding. (LP: #361875)
- debian/patches/11_security_jbig2.patch: prevent integer overflow in
poppler/CairoOutputDev.cc and splash/SplashBitmap.cc, add overflow
checking, improve error handling, and fix other issues in
poppler/JBIG2Stream.*.
- CVE-2009-0146
- CVE-2009-0147
- CVE-2009-0166
- CVE-2009-0799
- CVE-2009-0800
- CVE-2009-1179
- CVE-2009-1180
- CVE-2009-1181
- CVE-2009-1182
- CVE-2009-1183
- CVE-2009-1187
- CVE-2009-1188
Date: Thu, 16 Apr 2009 22:40:29 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Signed-By: Jamie Strandboge <ja...@ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/poppler/0.10.5-1ubuntu2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 16 Apr 2009 22:40:29 -0400
Source: poppler
Binary: libpoppler4 libpoppler-dev libpoppler-glib4 libpoppler-glib-dev
libpoppler-qt2 libpoppler-qt-dev libpoppler-qt4-3 libpoppler-qt4-dev
poppler-utils poppler-dbg
Architecture: source
Version: 0.10.5-1ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-glib-dev - PDF rendering library -- development files (GLib
interface)
libpoppler-glib4 - PDF rendering library (GLib-based shared library)
libpoppler-qt-dev - PDF rendering library -- development files (Qt 3 interface)
libpoppler-qt2 - PDF rendering library (Qt 3 based shared library)
libpoppler-qt4-3 - PDF rendering library (Qt 4 based shared library)
libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4
interface)
libpoppler4 - PDF rendering library
poppler-dbg - PDF rendering library - detached debugging symbols
poppler-utils - PDF utilitites (based on libpoppler)
Launchpad-Bugs-Fixed: 361875
Changes:
poppler (0.10.5-1ubuntu2) jaunty; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution from
multiple integer overflows, buffer overflows, and other issues with
JBIG2 decoding. (LP: #361875)
- debian/patches/11_security_jbig2.patch: prevent integer overflow in
poppler/CairoOutputDev.cc and splash/SplashBitmap.cc, add overflow
checking, improve error handling, and fix other issues in
poppler/JBIG2Stream.*.
- CVE-2009-0146
- CVE-2009-0147
- CVE-2009-0166
- CVE-2009-0799
- CVE-2009-0800
- CVE-2009-1179
- CVE-2009-1180
- CVE-2009-1181
- CVE-2009-1182
- CVE-2009-1183
- CVE-2009-1187
- CVE-2009-1188
Checksums-Sha1:
4c3efff125f0efd3fb062d8eda3eac0ce9efdce9 1670 poppler_0.10.5-1ubuntu2.dsc
965c049a25d846395daa106607a77974fa92e834 15298 poppler_0.10.5-1ubuntu2.diff.gz
Checksums-Sha256:
31cb2a216433781c4acc43a0ae77252e91bb3a8cc3a5020f6d65db3e2a69b088 1670
poppler_0.10.5-1ubuntu2.dsc
43d29de5253738af8f6cc18cad92e15cb52f93a6b639031fbeeb4e6a8843de04 15298
poppler_0.10.5-1ubuntu2.diff.gz
Files:
85d8130f64e4482a7927a5d6612d5187 1670 devel optional
poppler_0.10.5-1ubuntu2.dsc
a2c15a204eb6063a6f8885791e015896 15298 devel optional
poppler_0.10.5-1ubuntu2.diff.gz
Original-Maintainer: Loic Minier <l...@dooz.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknohwgACgkQW0JvuRdL8BrxnACgn/1s22LUaRp86a+1Jmr6KNXM
648AoJP+gihRyEvevY9ldJE7YHB4jdZ6
=rSJz
-----END PGP SIGNATURE-----
--
Jaunty-changes mailing list
Jaunty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/jaunty-changes
