Bug#886733: regression in poppler (was: [SECURITY] [DSA 4079-1] poppler security update)
On Tue, 23 Jan 2018 10:14:05 +0100 Moritz Muehlenhoffwrote: ... > Updated packages are in preparation, you can the stretch builds at > https://people.debian.org/~jmm/poppler/, let me know if you still run > into problems with those. Oups! Sorry, I failed to detect that when I backported the patch. Thanks Moritz for have fixed it. -- Santiago
Bug#886733: regression in poppler (was: [SECURITY] [DSA 4079-1] poppler security update)
On Tuesday, 23 January 2018 11:40:31 AEDT Peter Palfrader wrote: > On Tue, 23 Jan 2018, Moritz Muehlenhoff wrote: > > > This update breaks rendering some PDFs for me. > > > > Updated packages are in preparation, you can the stretch builds at > > https://people.debian.org/~jmm/poppler/, let me know if you still run > > into problems with those. > > > > I'll look into fixing jessie later today or tomorrow. > > These seem to work for me, thanks. +1 from me too, tested on a few PDFs that had been problematic. thanks Stuart -- Stuart Prescotthttp://www.nanonanonano.net/ stu...@nanonanonano.net Debian Developer http://www.debian.org/ stu...@debian.org GPG fingerprint90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7
Bug#886733: regression in poppler (was: [SECURITY] [DSA 4079-1] poppler security update)
On Tue, 23 Jan 2018, Moritz Muehlenhoff wrote: > > This update breaks rendering some PDFs for me. > > Updated packages are in preparation, you can the stretch builds at > https://people.debian.org/~jmm/poppler/, let me know if you still run > into problems with those. > > I'll look into fixing jessie later today or tomorrow. These seem to work for me, thanks. -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/
Bug#886733: regression in poppler (was: [SECURITY] [DSA 4079-1] poppler security update)
On Tue, Jan 23, 2018 at 10:39:32AM +, Peter Palfrader wrote: > On Sun, 07 Jan 2018, Moritz Muehlenhoff wrote: > > > Package: poppler > > CVE ID : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 > > CVE-2017-9776 CVE-2017-9865 CVE-2017-14517 > > CVE-2017-14518 CVE-2017-14519 CVE-2017-14520 > > CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 > > CVE-2017-15565 > > > > Multiple vulnerabilities were discovered in the poppler PDF rendering > > library, which could result in denial of service or the execution of > > arbitrary code if a malformed PDF file is processed. > > This update breaks rendering some PDFs for me. > > For instance, this PDF: > > http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.104.5624=rep1=pdf > > looks like this before: > https://volatile.noreply.org/2018-01-23-DbTTKsSTcnQ/screenshot.png > but there is no text after the update: > https://volatile.noreply.org/2018-01-23-gwHlProxGos/screenshot.png Updated packages are in preparation, you can the stretch builds at https://people.debian.org/~jmm/poppler/, let me know if you still run into problems with those. I'll look into fixing jessie later today or tomorrow. Cheers, Moritz
Bug#886733: regression in poppler (was: [SECURITY] [DSA 4079-1] poppler security update)
On Sun, 07 Jan 2018, Moritz Muehlenhoff wrote: > Package: poppler > CVE ID : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 > CVE-2017-9776 CVE-2017-9865 CVE-2017-14517 >CVE-2017-14518 CVE-2017-14519 CVE-2017-14520 >CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 > CVE-2017-15565 > > Multiple vulnerabilities were discovered in the poppler PDF rendering > library, which could result in denial of service or the execution of > arbitrary code if a malformed PDF file is processed. This update breaks rendering some PDFs for me. For instance, this PDF: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.104.5624=rep1=pdf looks like this before: https://volatile.noreply.org/2018-01-23-DbTTKsSTcnQ/screenshot.png but there is no text after the update: https://volatile.noreply.org/2018-01-23-gwHlProxGos/screenshot.png -- | .''`. ** Debian ** Peter Palfrader | : :' : The universal https://www.palfrader.org/ | `. `' Operating System | `-https://www.debian.org/