lp:ubuntu/dapper-security/poppler
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/poppler
Branch merges
Branch information
Recent revisions
- 24. By Marc Deslauriers
-
* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
- debian/patches/ 106_security_ CVE-2010- 3702.patch: properly initialize
parser in poppler/Gfx.cc.
- CVE-2010-3702
* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
- debian/patches/ 107_security_ CVE-2010- 3704.patch: make sure code isn't
< 0 in fofi/FoFiType1.cc.
- CVE-2010-3704 - 23. By Marc Deslauriers
-
* SECURITY UPDATE: regression in poppler security update (LP: #457985)
- debian/patches/ 104_security_ CVE-2009- 3605.patch: update patch to
introduce gmallocn_checkoverflow in goo/gmem.{c,h} and use it in
splash/SplashFTFont. cc, as bitmap->h can be 0 and this could cause a
regression with certain applications.
- CVE-2009-3605 - 22. By Marc Deslauriers
-
* SECURITY UPDATE: unsafe malloc usage
- debian/patches/ 104_security_ CVE-2009- 3605.patch: introduce gmallocn3
and add additional allocation size checks in goo/gmem.{c,h}, replace
malloc calls with safe versions in glib/poppler-page.cc,
poppler/{ArthurOutputDe v,CairoOutputDe v,GfxState, JBIG2Stream,
PSOutputDev,SplashOutputDe v}.cc, splash/ {Splash, SplashFTFont} .cc.
- CVE-2009-3605
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in rowSize computation
- debian/patches/ 105_security_ CVE-2009- 360x.patch: make sure width
value is sane in splash/SplashBitmap. cc.
- CVE-2009-3603
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in pixel buffer size calculation
- debian/patches/ 105_security_ CVE-2009- 360x.patch: make sure yp value
is sane in splash/Splash.cc, splash/SplashErrorCode s.h.
- CVE-2009-3604
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in object stream handling
- debian/patches/ 105_security_ CVE-2009- 360x.patch: limit number of
nObjects in poppler/XRef.cc.
- CVE-2009-3608
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflow in ImageStream::ImageStream
- debian/patches/ 105_security_ CVE-2009- 360x.patch: check size of width
and nComps in poppler/Stream.cc.
- CVE-2009-3609 - 21. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution from
multiple integer overflows, buffer overflows, and other issues with
JBIG2 decoding.
- debian/patches/ 103_security_ jbig2.patch: prevent integer overflow in
poppler/CairoOutputDev. cc and splash/ SplashBitmap. cc, add overflow
checking, improve error handling, and fix other issues in
poppler/JBIG2Stream. *.
- CVE-2009-0146
- CVE-2009-0147
- CVE-2009-0166
- CVE-2009-0799
- CVE-2009-0800
- CVE-2009-1179
- CVE-2009-1180
- CVE-2009-1181
- CVE-2009-1182
- CVE-2009-1183 - 20. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via malicious embedded fonts.
* debian/patches/ 102_embedded- font-fixes. patch: upstream fix and stronger
type-checking added.
* References
CVE-2008-1693 - 19. By Jamie Strandboge
-
* SECURITY UPDATE: out of bounds array access causes memory corruption via
a crafted PDF file
* fix for DCTStream::readScanInfo( ) in Stream.cc to properly check
boundaries
* SECURITY UPDATE: integer overflow resulting in heap-based overflow and
potential arbitrary code execution via crafted PDF file
* fix for DCTStream::reset() in Stream.cc to properly check width and height
* SECURITY UPDATE: boundary error in lookChar() resulting in heap-based
overflow and potential arbitrary code execution via crafted PDF file
* fixes for CCITTFaxStream::CCITTFaxStream and CCITTFaxStream: :lookChar( ) in
Stream.cc to properly check boundary conditions. This also includes
upstream refactoring for easier maintenance.
* References
CVE-2007-4352
CVE-2007-5392
CVE-2007-5393 - 18. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via crafted PDFs
* Add debian/patches/ 100_streampredi ctor_overflow. patch: upstream fixes.
* References
CVE-2007-3387 - 17. By Martin Pitt
-
* SECURITY UPDATE: Denial of Service.
* Add debian/patches/ 004_CVE- 2007-0104. patch:
- Limit recursion depth of the parsing tree to 100 to avoid infinite loop
with crafted documents.
- Patch taken from koffice security update (which has a copy of xpdf
sources). - 16. By Martin Pitt
-
Add debian/
patches/ 003_refcount. patch: Fix reference counting. Thanks to
Gary Coady for the patch! Closes: LP#24970 - 15. By Martin Pitt
-
Install poppler-
page-transition into libpoppler-qt-dev (not
libpoppler-dev), since it comes from the Qt bindings. Closes: LP#32179
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/poppler