lp:debian/squeeze/xpdf
- Get this branch:
- bzr branch lp:debian/squeeze/xpdf
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 12. By Michael Gilbert
-
* Apply arrow key bindings only in the fullscreen context
(closes: #595547, #595075).
* Also remove xpdf-reader dangling symlink (closes: #595076).
* Fix Vcs-Git field. - 11. By osamu
-
[Michael Gilbert]
* Make language file installation slightly more robust/automated.
* Bind arrow keys to next/prev page actions by default (closes: #200610).
* Use Breaks instead of Conflicts.
* No need to break or conflict xpdf-common since replaces is enough to
enable successful upgrades from lenny.
* Remove dangling symlink leftover by lenny xpdf package (closes: #589650).
* Bump standards version to 3.9.1 (no changes required).
* Recommend gsfonts-x11 package.
* Remove refrences to poppler-utils files in xpdfrc and clean it up a bit.
* Drop unneeded 'Provides'.
* Drop conflicts/breaks with packages that no longer exist in lenny.
* Version all 'Breaks'.
* Include references to origin of all poppler patches in headers.
* Include comment on debian-specific changes in use-system-xpdfrc. patch.
* Correct zxpdf symlink (closes: #593565).[Osamu Aoki]
* Remove xpdf-common and clean up dependencies (closes: #589425).
* zxpdf: remove temp file on exit (closes: #280460).
* zxpdf: search compressed file names (closes: #501661).
* Fix typo in "xpdf --help" output.
* Explain zoom (+-) only after "0" (closes: #426502).
* Restore xpdf.desktop file (closes: #589542).
* Drop update-xpdfrc: no longer needed due to poppler transition
(closes: #437529).[Rogério Brito]
* Update debian/copyright to reflect change of maintainership. - 10. By osamu
-
* Reactivate zoomFitHeight properly by merging it into fix-580495.patch.
* Set VCS-* and Uploaders fields. - 9. By Michael Gilbert
-
[Michael Gilbert]
* Fix multiple security issues (closes: #551287, #575779).
- CVE-2009-1188: Integer overflow in the JBIG2 decoding feature in the
SplashBitmap::SplashBitmap function in SplashBitmap.cc.
- CVE-2009-3603: Additional integer overflows in the
SplashBitmap::SplashBitmap function.
- CVE-2009-3604: Null pointer dereference in the Splash::drawImage
function in Splash.cc.
- CVE-2009-3606: Integer overflow in the PSOutputDev::doImageL1Sep
function in PSOutputDev.cc.
- CVE-2009-3608: Integer overflow in the ObjectStream::ObjectStream
function in XRef.cc.
- CVE-2009-3609: Integer overflow in the ImageStream::ImageStream
function in Stream.cc.
* Bump standards version to 3.8.4 (no changes required).
* Use ${misc:Depends}.
* Adopt the package (closes: #535261, #527840).[Rogério Brito]
* debian/copyright:
+ include versioned link to the GPL.
* debian/*
+ convert to source format "3.0 (quilt)".
* debian/{control, compat} :
+ bump compat to 5.
* debian/control:
+ remove dpatch build-dep and calls in debian/rules.
+ include Homepage field.
+ build-depend on unversioned automake.
+ build-depend on versioned lesstif.
+ wrap build-depends line to keep sanity.
+ change build-dependency on x-dev to x11proto-core-dev. (Closes: #515495).
+ remove debian revision from versioned build-deps.
+ update standards-version to 3.8.3, with no extra changes required.
* debian/rules:
+ remove commented lines.
+ fix the includes for lesstif. (See below).
+ remove deprecated dh_desktop helper.
+ don't ignore errors when calling "make -i distclean".
+ separate configuration from package compilation to keep things tidy.
+ don't remove recursively things that are only files.
* debian/patches:
+ rename 00list to series.
+ disable patches 40 and 41, lesstif is fixed. (Closes: #458763, #528807).
+ refresh enabled patches to avoid potential problems with buildds.
+ escape minus signs from manpages.
+ fix path to configuration files. Tks Andrew Price. (Closes: #424747).
+ flexibilize the print dialog. Tks Dmitry Oboukhov. (Closes: #408502).
+ implement "Fit to Height". Tks Josh Triplett. (Closes: #424178).
* debian/xpdf-common. postint:
+ don't use command with path in maintainer script.
* debian/watch:
+ create watch file.
* debian/xpdf.desktop:
+ remove obsolete indication of encoding.
+ remove custom category "PDFViewer".
* debian/xpdf-reader. menu:
+ update obsolete section Apps -> Applications.
* debian/xpdf-reader. dirs:
+ remove empty dir usr/lib/menu. Tks Nelson Oliveira. (Closes: #495150).
* avoid conflict with poppler-utils. Tks Luca Capello. (Closes: #558020). - 8. By Giuseppe Iuculano
-
* Non-maintainer upload.
* This update fixes various security issues (Closes: #524809):
- CVE-2009-0146: Multiple buffer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2SymbolDict::setBitmap and (2)
JBIG2Stream::readSymbolDic tSeg.
- CVE-2009-0147: Multiple integer overflows in the JBIG2 decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow
remote attackers to cause a denial of service (crash) via a crafted PDF
file, related to (1) JBIG2Stream::readSymbolDict Seg, (2)
JBIG2Stream::readSymbolDic tSeg, and (3) JBIG2Stream: :readGenericBit map.
- CVE-2009-0165: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, as used in Poppler and other products, when running on Mac OS X,
has unspecified impact, related to "g*allocn."
- CVE-2009-0166: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, and other products allows remote attackers to cause a denial
of service (crash) via a crafted PDF file that triggers a free of
uninitialized memory.
- CVE-2009-0799: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
that triggers an out-of-bounds read.
- CVE-2009-0800: Multiple "input validation flaws" in the JBIG2 decoder in
Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6,
and other products allow remote attackers to execute arbitrary code via
a crafted PDF file.
- CVE-2009-1179: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products
allows remote attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1180: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to execute arbitrary code via a crafted PDF file that triggers
a free of invalid data.
- CVE-2009-1181: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9
and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (crash) via a crafted PDF file that
triggers a NULL pointer dereference.
- CVE-2009-1182: Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf
3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and
other products allow remote attackers to execute arbitrary code via a
crafted PDF file.
- CVE-2009-1183: The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS
1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote
attackers to cause a denial of service (infinite loop and hang) via a
crafted PDF file. - 7. By Bernhard R. Link <email address hidden>
-
* Non-maintainer upload.
* apply patch from Jiri Palecek
against a segfault in image handling (Closes: 462544)
* apply patch from Arno Renevier against a segfault when pressing Ctrl-W
in full-screen mode (Closes: 437725)
* apply patch from Stefan Beyer against a segfault when pressing 'g'
in full-screen mode (Closes: 479467)
* fix ps encoding error on 64-bit architectures (Closes: 444648, 482029) - 6. By Hamish Moffatt
-
* Add patch 05_freetype-
2.2.dpatch: make splash/ SplashFTFont. cc
compatible with FreeType 2.2 (ie don't use FreeType internals
directly any more). Fixes unreported FTBFS.
* Enable additional compile-time options: --enable-opi,
--enable-multithreaded, --enable-wordlist
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)