[Bug 1989434] [NEW] poppler 0.62.0-2ubuntu2.13 breaks GDAL compilation
Public bug reported: The security update poppler 0.62.0-2ubuntu2.13 that fixes CVE-2022-38784 adds a new header file goo/GooCheckedOps.h that is included by goo/gmem.h goo/gmem.h is a file installed in the libpoppler-private-dev package, which is used by GDAL, but the patches added in the 0.62.0-2ubuntu2.13 update omit installing goo/GooCheckedOps.h, consequently any external code including goo/gmem.h breaks at compilation The following extra patch should fix this: ``` $ diff -u CMakeLists.txt.ori CMakeLists.txt --- CMakeLists.txt.ori 2022-09-13 10:58:42.282712260 +0200 +++ CMakeLists.txt 2022-09-13 10:58:44.198709344 +0200 @@ -578,6 +578,7 @@ goo/GooString.h goo/gtypes.h goo/gmem.h +goo/GooCheckedOps.h goo/gfile.h goo/FixedPoint.h goo/ImgWriter.h ``` ** Affects: poppler (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1989434 Title: poppler 0.62.0-2ubuntu2.13 breaks GDAL compilation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1989434/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
@mdelsaur Thanks for the prompt fixes. I confirm they fix the issues I had observed -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] [NEW] poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
Public bug reported: The security updates 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 break the Splash output rendering, for example if using the xpdf utility that relies on Poppler splash output, or as used by the GDAL library (the issue was detected due to breakage in GDAL continuous integration tests) I've traced the root cause to those security updates enabling in 'rules' CMYK (--enable-cmyk for 0.41.0-0ubuntu1.15 and -DSPLASH_CMYK=ON for 0.62.0-2ubuntu2.11) Building without CMYK restore poppler in a working state. It should be noted that even on the upstream 0.41.0 version, enabling CMYK result in a non-functional build, so it is not related to the patches applied on top of it, but really on enabling CMYK The issue can be verified with "xpdf test_ogc_bp.pdf" with the attached test_ogc_bp.pdf file. With the new packages, xpdf crashes, whereas with older ones it displays a 20x20 greyscale image. Or with "gdal_translate test_ogc_bp.pdf out.png -of PNG" when installing the "gdal-bin" package, that currently errors out with a message like "ERROR 1: Bitmap decoded size (18623872x0) doesn't match raster size (20x20)" ** Affects: poppler (Ubuntu) Importance: Undecided Status: New ** Attachment added: "Sample file that make xpdf crash currently" https://bugs.launchpad.net/bugs/1905741/+attachment/5438256/+files/test_ogc_bp.pdf -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
