Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: Marc Deslauriers
Revision Date: 2012-08-06 12:37:06 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed Word
  document (LP: #1032934)
  - debian/patches/wv2_buffer_overflow_fix.diff: don't overflow grupx in
    filters/kword/msword-odf/wv2/src/styles.cpp.
  - CVE number pending

Author: Marc Deslauriers
Revision Date: 2012-08-06 12:37:06 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed Word
  document (LP: #1032934)
  - debian/patches/wv2_buffer_overflow_fix.diff: don't overflow grupx in
    filters/kword/msword-odf/wv2/src/styles.cpp.
  - CVE number pending

Author: Marc Deslauriers
Revision Date: 2012-08-06 10:55:34 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed Word
  document (LP: #1032934)
  - debian/patches/wv2_buffer_overflow_fix.diff: don't overflow grupx in
    filters/kword/msword-odf/wv2/src/styles.cpp.
  - CVE number pending

Author: Marc Deslauriers
Revision Date: 2012-08-06 10:55:34 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed Word
  document (LP: #1032934)
  - debian/patches/wv2_buffer_overflow_fix.diff: don't overflow grupx in
    filters/kword/msword-odf/wv2/src/styles.cpp.
  - CVE number pending

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: James Page
Revision Date: 2011-12-06 11:09:56 UTC

Rebuild against libpoppler19.

Author: Scott Kitterman
Revision Date: 2011-07-24 11:29:24 UTC

Add missing build-dep on libx11-dev

Author: Scott Kitterman
Revision Date: 2011-03-27 14:56:26 UTC

* Only build-dep on libqt4-opengl-dev and libglew1.5-dev on [i386 amd64
  powerpc] to fix armel FTBFS due to the GL/GLES transition (LP: #707794)
  - Add debian/patches/kubuntu_06_krita_link_x.diff to fix indirect linking
    in krita (Thanks to Jonathan Riddell for the patch)

Author: Jonathan Riddell
Revision Date: 2010-09-22 10:09:23 UTC

* Lucid backport
  - Downgrade version of KDE build-depends to 4.4.2
  - Change build-depend libkdcraw-dev to libkdcraw8-dev
  - Downgrade version of pkg-kde-tools to 0.6.4ubuntu5
  - Downgrade version of libgmm-dev to 3.0+svn758845-0ubuntu1
  - Remove librcps-dev and opengtl-dev build-depends, not available in Lucid
  - Update krita.install, krita-data.install and kplato.install

Author: Jamie Strandboge
Revision Date: 2010-08-09 09:36:41 UTC

* SECURITY UPDATE: Disable PDF import since the embedded version of XPDF is
  ancient, too far diverged from current XPDF, and upstream KDE has
  abandoned support for PDF importing in koffice.
  - debian/pathces/90_no_pdf.diff: patch based on patch from Ubuntu 9.10 to
    adjust Makefile.am and Makefile.in to not build pdf import support for
    kword
  - CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,
    CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
    CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608,
    CVE-2009-3609
* debian/kword-data.install: don't install kword_pdf_import.desktop or
  libpdfimport.*

Author: Jamie Strandboge
Revision Date: 2010-08-09 09:36:41 UTC

* SECURITY UPDATE: Disable PDF import since the embedded version of XPDF is
  ancient, too far diverged from current XPDF, and upstream KDE has
  abandoned support for PDF importing in koffice.
  - debian/pathces/90_no_pdf.diff: patch based on patch from Ubuntu 9.10 to
    adjust Makefile.am and Makefile.in to not build pdf import support for
    kword
  - CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166,
    CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179,
    CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608,
    CVE-2009-3609
* debian/kword-data.install: don't install kword_pdf_import.desktop or
  libpdfimport.*

Author: Jonathan Riddell
Revision Date: 2010-09-21 15:36:35 UTC

Add kubuntu_03_fix-crash-on-closing-sqlite-connection-2.2.2.diff and
kubuntu_04_support-large-memo-values-for-msaccess-2.2.2.diff as
recommended by upstream http://kexi-
project.org/wiki/wikiview/index.php@Kexi2.2_Patches.html#sqlite_stab
ility

Author: Rich Johnson
Revision Date: 2010-03-29 16:41:03 UTC

* New upstream release
* debian/patches - removed as it contained 1 patch that was implemented
  upstream, kubuntu_01_fix_createresources_cmakelists.diff

Author: Jonathan Riddell
Revision Date: 2009-10-07 16:32:46 UTC

Add kubuntu_02_no_pdf.diff from upstream, don't build pdf import, too many security issues

Author: Anthony Mercatante
Revision Date: 2009-04-12 21:37:55 UTC

* Fixed koffice-data.install:
  - Removed kross RestrictedPython entries, those shouldn't be installed
  - Fixes FTBFS
* Removed now useless koffice-data.lintian

Author: Harald Sitter
Revision Date: 2008-09-25 18:37:04 UTC

Don't recommend or depend on kghostview (not available anymore). Note that
this will cause a crash as described in Debian bug 439364. (LP: #273881)

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Steve Kowalik
Revision Date: 2007-09-06 01:09:50 UTC

* Rebuild for the libpoppler1 -> libpopper2 transistion.
* Munge Maintainer field as per spec.

Author: Jonathan Riddell
Revision Date: 2007-06-01 12:38:57 UTC

* New upstream release
* Build-dep on libexif-dev
* Backport build

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Jonathan Riddell
Revision Date: 2007-02-13 11:55:03 UTC

New upstream release

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Jonathan Riddell
Revision Date: 2006-07-11 15:30:41 UTC

Remove build-dep on libpqxx-dev

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Kees Cook
Revision Date: 2008-04-15 14:04:47 UTC

* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/40_pdf2-embedded-font-fixes.diff: stronger type-checking
  added.
* References
  CVE-2008-1693

Author: Jonathan Riddell
Revision Date: 2006-05-24 10:43:01 UTC

* SECURITY UPDATE: Potential arbitrary code execution.
* Add debian/patches/kubuntu_07_xpdf_vulnerability.diff:
  - xpdf/JBIG2Stream.cc, xpdf/Stream.h, splash/SplashXPathScanner.cc: Fix
    various integer overflows.
  - Upstream patch from Derek Noonburg.
* CVE-2006-1244

Author: Jonathan Riddell
Revision Date: 2007-01-15 19:35:58 UTC

* SECURITY UPDATE: kpdf/kword/xpdf denial of service vulnerability
* kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
  a vulnerability that can cause denial of service (infinite loop)
  via a PDF file that contains a crafted catalog dictionary
  or a crafted Pages attribute that references an invalid page
  tree node.
* Add kubuntu_07_xpdf_vulnerability.diff
* References:
  http://www.kde.org/info/security/advisory-20070115-1.txt
  CVE-2007-0104

Author: Jonathan Riddell
Revision Date: 2005-10-11 14:49:50 UTC

* SECURITY UPDATE: fix heap based buffer overflow in the RTF importer of KWord
* Opening specially crafted RTF files in KWord can cause
  execution of abitrary code.
* Add kubuntu_01_rtfimport_heap_overflow.diff
* References:
  CAN-2005-2971
  CESA-2005-005
  http://www.koffice.org/security/advisory-20051011-1.txt

Author: Jonathan Riddell
Revision Date: 2006-04-12 11:49:10 UTC

* SECURITY UPDATE: Multiple integer/buffer overflows in embedded xpdf code.
* Add debian/patches/kubuntu_03_xpdf_vulnerability.diff:
  - xpdf/JBIG2Stream.cc, xpdf/Stream.h: Fix various integer overflows.
  - Upstream patch from Derek Noonburg.
* CVE-2006-1244

Author: Jonathan Riddell
Revision Date: 2005-01-21 20:41:56 UTC

* Initial Ubuntu release
* SECURITY UPDATE: second kpdf Buffer Overflow Vulnerability
* added patch 02_xpdf_security_integer_overflow_2.diff from upstream
  which fixes the Vulnerability
* References:
  http://www.kde.org/info/security/advisory-20041223-1.txt
  http://www.koffice.org/security/2004_xpdf_integer_overflow_2.php
  CAN-2004-1125
* SECURITY UPDATE: third kpdf Buffer Overflow Vulnerability
* added patch 03_xpdf_security_integer_overflow_3.diff from upstream
  which fixes the Vulnerability
* References:
  http://www.kde.org/info/security/advisory-20050119-1.txt
  http://www.koffice.org/security/advisory-20050120-1.txt
  CAN-2005-0064

Author: Jonathan Riddell
Revision Date: 2005-01-19 22:38:45 UTC

* SECURITY UPDATE: kpdf Buffer Overflow Vulnerability
* added patch 01_xpdf_security_integer_overflow.diff from upstream
  which fixes the Vulnerability
* References:
  http://www.kde.org/info/security/advisory-20041021-1.txt
  http://www.koffice.org/security/2004_xpdf_integer_overflow.php
  CAN-2004-0888, CAN-2004-0889
* SECURITY UPDATE: second kpdf Buffer Overflow Vulnerability
* added patch 02_xpdf_security_integer_overflow_2.diff from upstream
  which fixes the Vulnerability
* References:
  http://www.kde.org/info/security/advisory-20041223-1.txt
  http://www.koffice.org/security/2004_xpdf_integer_overflow_2.php
  CAN-2004-1125
* SECURITY UPDATE: third kpdf Buffer Overflow Vulnerability
* added patch 03_xpdf_security_integer_overflow_3.diff from upstream
  which fixes the Vulnerability
* References:
  http://www.kde.org/info/security/advisory-20050119-1.txt
  http://www.koffice.org/security/advisory-20050120-1.txt
  CAN-2005-0064
* Change clean rule to not run make clean-cvs on patches directory

Author: Ben Burton
Revision Date: 2004-05-09 11:33:00 UTC

* New upstream bugfix release.
* Built against newer imagemagick (closes: #246623).
* Made koffice-libs/kformula recommend/depend on latex-xft-fonts, which
  provides mathematical fonts that the formula editor can use. Also
  patched the kformula part to make these fonts the default.
* Changed kword menu hint from "WordProcessors" to "Word processors"
  (closes: #246209).
* Spellchecker configuration is now fixed (closes: #221256, #227568).