poppler 0.5.1-0ubuntu7.6 source package in Ubuntu
Changelog
poppler (0.5.1-0ubuntu7.6) dapper-security; urgency=low
* SECURITY UPDATE: unsafe malloc usage
- debian/patches/104_security_CVE-2009-3605.patch: introduce gmallocn3
and add additional allocation size checks in goo/gmem.{c,h}, replace
malloc calls with safe versions in glib/poppler-page.cc,
poppler/{ArthurOutputDev,CairoOutputDev,GfxState,JBIG2Stream,
PSOutputDev,SplashOutputDev}.cc, splash/{Splash,SplashFTFont}.cc.
- CVE-2009-3605
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in rowSize computation
- debian/patches/105_security_CVE-2009-360x.patch: make sure width
value is sane in splash/SplashBitmap.cc.
- CVE-2009-3603
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in pixel buffer size calculation
- debian/patches/105_security_CVE-2009-360x.patch: make sure yp value
is sane in splash/Splash.cc, splash/SplashErrorCodes.h.
- CVE-2009-3604
* SECURITY UPDATE: denial of service or arbitrary code execution via
overflow in object stream handling
- debian/patches/105_security_CVE-2009-360x.patch: limit number of
nObjects in poppler/XRef.cc.
- CVE-2009-3608
* SECURITY UPDATE: denial of service or arbitrary code execution via
integer overflow in ImageStream::ImageStream
- debian/patches/105_security_CVE-2009-360x.patch: check size of width
and nComps in poppler/Stream.cc.
- CVE-2009-3609
-- Marc Deslauriers <email address hidden> Mon, 19 Oct 2009 19:27:20 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Dapper
- Original maintainer:
- Ondřej Surý
- Architectures:
- any
- Section:
- devel
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| poppler_0.5.1.orig.tar.gz | 932.5 KiB | 2ee3f06d64dd703a2411428169fe21c17f6358950bb797d52ca8eebd1dcf1abe |
| poppler_0.5.1-0ubuntu7.6.diff.gz | 25.4 KiB | 6056925eb270a172f84baf8ec0f47d53082c10182d4a42fb83386daa099bc264 |
| poppler_0.5.1-0ubuntu7.6.dsc | 1.7 KiB | 1340333b5044f4d8a83bf773df7b6ed80e06ef3d5da938c6daeb4e27e0dead4b |
Available diffs
Binary packages built by this source
- libpoppler-dev: No summary available for libpoppler-dev in ubuntu dapper.
No description available for libpoppler-dev in ubuntu dapper.
- libpoppler-glib-dev: No summary available for libpoppler-glib-dev in ubuntu dapper.
No description available for libpoppler-glib-dev in ubuntu dapper.
- libpoppler-qt-dev: No summary available for libpoppler-qt-dev in ubuntu dapper.
No description available for libpoppler-qt-dev in ubuntu dapper.
- libpoppler1: No summary available for libpoppler1 in ubuntu dapper.
No description available for libpoppler1 in ubuntu dapper.
- libpoppler1-glib: No summary available for libpoppler1-glib in ubuntu dapper.
No description available for libpoppler1-glib in ubuntu dapper.
- libpoppler1-qt: No summary available for libpoppler1-qt in ubuntu dapper.
No description available for libpoppler1-qt in ubuntu dapper.
- poppler-utils: No summary available for poppler-utils in ubuntu dapper.
No description available for poppler-utils in ubuntu dapper.
