[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
I confirm that the version 0.62.0-2ubuntu2.12 fixes the 0.62.0-2ubuntu2.11 bug -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
# lsb_release -rd Description: Ubuntu 18.04.5 LTS Release: 18.04 I have an Epson TM BA Thermal network printer, configured in CUPS After today's unattended upgrade it stopped working Logs found on server [540009.389033] pdftoraster[63919]: segfault at d0400 ip 557a50f569a8 sp 7ffd5ca826d8 error 6 in pdftoraster[557a50f52000+8000] Thu Nov 26 14:14:19 2020: apport: report /var/crash/_usr_lib_cups_filter_pdftoraster.7.crash already exists and unseen, doing nothing to avoid disk usage DoS # dpkg -S /usr/lib/cups/filter/pdftoraster cups-filters-core-drivers: /usr/lib/cups/filter/pdftoraster Start-Date: 2019-11-25 17:01:06 Install cups-filters-core-drivers:amd64 # dpkg -l|grep cups-filters-core-drivers ii cups-filters-core-drivers 1.20.2-0ubuntu3.1 I checked what was updated with unattended upgrade Start-Date: 2020-11-24 06:20:02 Commandline: /usr/bin/unattended-upgrade Upgrade: libpulse0:amd64 (1:11.1-1ubuntu7.10, 1:11.1-1ubuntu7.11) End-Date: 2020-11-24 06:20:10 and I rolled back # wget https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+build/17383699/+files/poppler-utils_0.62.0-2ubuntu2.10_amd64.deb # wget https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+build/17383699/+files/libpoppler73_0.62.0-2ubuntu2.10_amd64.deb # ls apt/ libpoppler73_0.62.0-2ubuntu2.10_amd64.deb poppler-utils_0.62.0-2ubuntu2.10_amd64.deb #dpkg -R --install apt/ and started to work again and of course apt-mark hold libpoppler73 poppler-utils # apt-cache policy poppler-utils libpoppler73 poppler-utils: Installed: 0.62.0-2ubuntu2.10 Candidate: 0.62.0-2ubuntu2.11 Version table: 0.62.0-2ubuntu2.11 500 500 http://gr.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 500 http://gr.archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages *** 0.62.0-2ubuntu2.10 100 100 /var/lib/dpkg/status 0.62.0-2ubuntu2 500 500 http://gr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages libpoppler73: Installed: 0.62.0-2ubuntu2.10 Candidate: 0.62.0-2ubuntu2.11 Version table: 0.62.0-2ubuntu2.11 500 500 http://gr.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 500 http://gr.archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages *** 0.62.0-2ubuntu2.10 100 100 /var/lib/dpkg/status 0.62.0-2ubuntu2 500 500 http://gr.archive.ubuntu.com/ubuntu bionic/main amd64 Packages -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
@mdelsaur Thanks for the prompt fixes. I confirm they fix the issues I had observed -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
This bug was fixed in the package poppler - 0.62.0-2ubuntu2.12 --- poppler (0.62.0-2ubuntu2.12) bionic-security; urgency=medium * SECURITY REGRESSION: broken Splash output (LP: #1905741) - debian/rules: don't build with SPLASH_CMYK=ON as this causes a regression with xpdf and gdal. This reverts the fix for CVE-2019-10871. -- Marc Deslauriers Thu, 26 Nov 2020 10:55:59 -0500 ** Changed in: poppler (Ubuntu Bionic) Status: In Progress => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-10871 ** Changed in: poppler (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
This bug was fixed in the package poppler - 0.41.0-0ubuntu1.16 --- poppler (0.41.0-0ubuntu1.16) xenial-security; urgency=medium * SECURITY REGRESSION: broken Splash output (LP: #1905741) - debian/rules: don't build with --enable-cmyk as this causes a regression with xpdf and gdal. This reverts the fix for CVE-2019-10871. -- Marc Deslauriers Thu, 26 Nov 2020 10:59:16 -0500 -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
Thanks for reporting this, I'll back out the fix and will release updates shortly. ** Also affects: poppler (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: poppler (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: poppler (Ubuntu) Status: New => Invalid ** Changed in: poppler (Ubuntu Xenial) Status: New => In Progress ** Changed in: poppler (Ubuntu Bionic) Status: New => In Progress ** Changed in: poppler (Ubuntu Xenial) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: poppler (Ubuntu Bionic) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905741] Re: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1905741 Title: poppler 0.62.0-2ubuntu2.11 and 0.41.0-0ubuntu1.15 security updates break Splash output To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1905741/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs