* SECURITY UPDATE: Infinite loop
- d/p/0001-Fix-infinite-looping-in-cvtGlyph-with-broken-files.patch:
Fix Infinite loop in FoFiType1C::cvtGlyph().
- CVE-2020-36023
* SECURITY UPDATE: NULL dereference
- d/p/0002-FoFiType1C-Fix-crashes-with-broken-files.patch: Fix
NULL dereference in FoFiType1C::convertToType1().
- CVE-2020-36024
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2022-27337.patch: bail out if we run out of file
when reading in poppler/Hints.cc.
- CVE-2022-27337
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2022-38784.patch:Fix crash on broken file
in poppler/JBIG2Stream.cc.
- CVE-2022-38784
* New upstream version (lp: #1865351)
* debian/patches/glyphless-font.patch:
- updated for the recent poppler upstream changes
* debian/patches/glyphless-font.patch:
- restore a fix to the patch for a null pointer dereference which was
reverted by error in the recent merge/update (lp: #1865861)
* Resynchronize with Debian, removing the jpx parser CVE fixes since
the openjpeg backend is used now. Remaining changes
* d/p/glyphless-font.patch:
- Support Tesseract's glyphless font (LP: #1830473)
* debian/tests:
- Make autopkgtests cross-test-friendly.
[ Andreas Henriksson ]
* New upstream release.
* libpoppler91 -> libpoppler95
* Revert "Silence deprecation warnings for GTime, fixing autopkgtest"
- merged upstream, now part of upstream release.
* Update symbols
[ Philip Withnall ]
* Add python3:any to build deps as it’s used in `make-glib-api-docs` script.
Closes: #947327.
[ Emilio Pozuelo Monfort ]
* Replace ADTTMP variable with AUTOPKGTEST_TMP.
* Update copyright holders.
* New upstream release. Closes: #924617.
* Remove patches applied upstream.
* libpoppler82 -> libpoppler91.
* Update cmake flag for the unstable headers.
* Update README filename.
* Update symbols files.
* Update copyright holders.
[ Simon McVittie ]
* d/p/Silence-deprecation-warnings-for-PopplerAttachment-c.patch:
Silence deprecation warnings for GTime, fixing autopkgtest
(Closes: #941718)
[ Emilio Pozuelo Monfort ]
* Remove Joss from uploaders, thanks for all the work! Closes: #930163.
* CVE-2018-10872 (Closes: #926530)
* CVE-2019-12293 (Closes: #929423)
* Non-maintainer upload.
* Prevent a crash due to null pointer dereferencing in
goo/GooString.h (Closes: #924029)
* CVE-2018-16646 (Closes: #909802)
* CVE-2018-20481 (Closes: #917325)
* CVE-2018-20551 (Closes: #917525)
* CVE-2018-20662 (Closes: #918158)
* CVE-2019-7310 (Closes: #921215)
* CVE-2019-9200 (Closes: #923414)
* CVE-2019-9631 (Closes: #926673)
* CVE-2019-10873 (Closes: #926532)
[ Simon McVittie ]
* Add patch to fix poppler_document_new_from_stream() regression
(Closes: #896596)
* d/tests/glib: Add a test for #896596
[ Jeroen Ooms ]
* Backport upstream patch to fix page::text_list encoding issue.
* Upload to unstable.
* New upstream release.
* libpoppler80 -> libpoppler82.
* Update libpoppler-glib8 and libpoppler-qt5-1 symbols.
* Update copyright holders.
* Upload to unstable.
* New upstream release.
* libpoppler77 -> libpoppler80.
* Update copyright holders.
* New upstream release.
* libpoppler75 -> libpoppler76.
* rules: no need to remove .la files anymore since we no longer
use libtool.
* Add one new copyright holder.
* New upstream release.
- CVE-2017-18267: fix infinite recursion on malformed documents.
* libpoppler75 -> libpoppler76.
* Switch dh_missing to fail mode.
* Update copyright holders.
* New upstream release.
* 0001-Fix-PDFDoc-checkHeader-for-PDFs-smaller-than-1-KiB.patch:
- Removed, included upstream.
* Bump debhelper compat to 11.
- Don't install a TODO file, it hasn't existed for a while and
dh_installdocs now aborts on unknown files.
* Move libglib2.0-doc and libcairo2-doc to Build-Depends-Indep. They
are only needed to generate cross-references in the documentation.
* libpoppler74 -> libpoppler75.
* 0001-Fix-PDFDoc-checkHeader-for-PDFs-smaller-than-1-KiB.patch:
- Don't give up on files smaller than 1KB. At least pdf2djvu's
test suite has such files, and it breaks without this patch.
Closes: #895630.
* Upload to unstable.
* New upstream release.
- Fix performance regression on cairo backends. Closes: #895487.
* debian/patches/01-new-gtk-doc.patch:
- Removed, merged upstream.
* debian/rules:
- Let dpkg set -g and other CFLAGS for us.
* libpoppler73 -> libpoppler74.
* 01-new-gtk-doc.patch: patch from upstream git, fix FTBFS with new
gtk-doc-tools. Closes: #887525.
* rules: don't hardcode CXXFLAGS when setting -g, instead append to it
so that we also get dpkg's buildflags.
* rules: pass CFLAGS down to CMake. This should get x32 the required flags
from dpkg to build with hardening=pie. This was lost during the switch
to CMake as it doesn't use CFLAGS directly. Closes: #883881.
* debian/tests/test-qt4.cpp: drop, the qt4 build is gone.
* qt-visibility.diff: drop qt4 hunk.
* control: Switch Vcs to salsa.
* Upload to unstable.
* New upstream release.
* Drop libpoppler-qt4 library, removed upstream. Closes: #875096.
* libpoppler72 -> libpoppler73.
* control: Bump Standards-Version to 4.1.2.
* debian/patches/qt-visibility.diff: forward upstream.
* Upload to unstable.
* New upstream release.
* CVE-2017-14517: null pointer dereference on broken files. Closes: #876079.
* CVE-2017-14518: division by 0 on broken files. Closes: #876082.
* CVE-2017-14519: infinite recursion on broken files. Closes: #876086.
* CVE-2017-14520: floating point exception on broken files. Closes: #876081.
* CVE-2017-14617: floating point exception on broken files. Closes: #876385.
* CVE-2017-14926: null pointer dereference on broken files. Closes: #877239.
* CVE-2017-14927: null pointer dereference on broken files. Closes: #877237.
* CVE-2017-14928: null pointer dereference on broken files. Closes: #877231.
* CVE-2017-14929: infinite recursion on broken files. Closes: #877222.
* CVE-2017-14975: null pointer dereference on broken files. Closes: #877957.
* CVE-2017-14976: heap-based buffer over-read. Closes: #877954.
* CVE-2017-14977: null pointer dereference on broken files. Closes: #877952.
* CVE-2017-15565: null pointer dereference on broken files. Closes: #879066.
* Switch to cmake; the autotools build system is gone.
* rules: set libdir to the multiarch dir.
* Don't install static libs, they are not built with cmake.
* rules: Build with -g to get useful debugging symbols.
* control: Bump Standards-Version to 4.1.1.
* control: Drop Testsuite header, no longer needed.
* libpoppler70 -> libpoppler72.
* qt-visibility.diff: Port to cmake, but disable for now. Some Qt tests
use some of the private symbols and they are built now with the cmake
build system, which causes the build to fail. This makes the Qt
libraries export way more symbols, but they are not exported in the
headers, so this is fine for now.
* New upstream release.
* libpoppler68 -> libpoppler70.
* Update symbols.
* control: Downgrade libpoppler-glib-doc dependency on other -doc packages
to a recommends.
* control: Remove ancient breaks/replaces.
* control: Bump Standards-Version to 4.1.0.
* copyright: Update copyright holders.
* rules: Switch to dh_missing as dh_install --list-missing is now deprecated.
* rules: Qt 3 is long gone, no need to try to use qt4's moc over it.
* rules: Drop V=1, no longer needed.
* debian/copyright: Add missing copyright holders. Closes: #872298.
* Upload to unstable.
[ Pino Toscano ]
* Update Vcs-* fields.
* Add a lintian override for the "breaks-without-version xpdf-common" in
poppler-utils, as it is making sure to clean up xpdf-common for upgrades
to Buster.
[ Emilio Pozuelo Monfort ]
* New upstream release. Closes: #860955.
* Fixes:
CVE-2017-9406: memory leak parsing XRef entries. Closes: #864010.
CVE-2017-9408: memory leak in Object::initArray. Closes: #864009.
CVE-2017-9775: stack buffer overflow in GfxState.cc. Closes: #865680.
CVE-2017-9776: integer overflow leading to heap buffer overflow
in JBIG2Stream.cc. Closes: #865679.
CVE-2017-9865: stack buffer overflow in GfxImageColorMap::getGray.
Closes: #867477.
CVE-2017-7511: pdfunite denial of service due to null pointer
dereference. Closes: #863759.
CVE-2017-7515: crash in tools due to infinite recursion.
* debian/patches/upstream_pdfseparate-remove-extra-in-error-message.patch:
+ Dropped, fixed upstream.
* Update symbols files.
* libpoppler64 -> libpoppler68.
* Re-enable PIE. Looks like Qt5 got fixed.
* Bump debhelper compat to 10.
+ debhelper now defaults to --with autoreconf.
+ It also defaults to --parallel.
* Switch to -dbgsym packages.
* Set the team as maintainer.
* Add myself to uploaders.
* Upload to unstable. (See #839869)
* autopkgtest: build the qt5 test with -std=c++11, required with Qt5 >= 5.6.
* Backport upstream commit 5d15a52aade68c618c356fe403ca500e74917ef7 to remove
an extra '%' in an error message of pdfseparate; patch
upstream_pdfseparate-remove-extra-in-error-message.patch. (Closes: #835202)
* New upstream release:
- fixes UTF-16 decoding of document outline title (Closes: #702082)
- fixes crashes in PDF documents (Closes: #830565)
* Rename packages according to the new SONAMEs:
- libpoppler61 -> libpoppler64
* Update copyright.
* Bump the libglib2.0-dev (build-)dependency to 2.41, as noted in the
upstream build system.
* Update symbols files.
* Bump shlibs for libpoppler-cpp0v5 to >= 0.46.0, following the new APIs
added.
* Install the GObject introspection data in a multi-arch directory:
- bump the libgirepository1.0-dev, and gobject-introspection to
>= 1.42.0-2~, as providing a fixed dh_girepository
- update gir1.2-poppler-0.18.install
- mark gir1.2-poppler-0.18 as Multi-Arch: same
* Switch from OpenJPEG 1.x to 2.x: (Closes: #826825)
- replace the libopenjpeg-dev build dependency with libopenjp2-7-dev
- pass --enable-libopenjpeg=openjpeg2 to configure, to be sure OpenJPEG 2.x
is used
* Upload to unstable. (See #823667)
* New upstream release.
* Rename packages according to the new SONAMEs:
- libpoppler60 -> libpoppler61
* Update copyright.
* New upstream release: (Closes: #822644)
- fixes pdfinfo man page (Closes: #813500)
- fixes build with GCC 6 (Closes: #811901)
* Rename packages according to the new SONAMEs:
- libpoppler57 -> libpoppler60
* Update copyright.
* Update symbols files:
- adapt to the different internal symbols with GCC 6
* Update build dependencies:
- add zlib1g-dev for Flate compression
- add libnss3-dev for signature handling
* Mention pdfsig in the description of poppler-utils.
* Backport upstream commit b3425dd3261679958cd56c0f71995c15d2124433 to fix
a crash on invalid files, reported also as CVE-2015-8868; patch
upstream_Do-not-crash-on-invalid-files.patch. (Closes: #822578)
* Update Vcs-* fields.
* Bump Standards-Version to 3.9.8, no changes required.
* Upload to unstable. (See #807089)
* New upstream release:
- fixes an initialized value in Splash (Closes: #777250)
* Rename packages according to the new SONAMEs:
- libpoppler47 -> libpoppler57
* Update copyright.
* debian/patches:
- qt-visibility.diff: refresh
* Update symbols files.
* Merge changes from 0.26.5-3 and 0.26.5-4.
* New upstream release:
- fix typo in JPX stream decoder (Closes: #764997)
* Rename packages according to the new SONAMEs:
- libpoppler46 -> libpoppler47
* debian/patches:
- upstream_Map-Standard-Expert-encoding-ligatures-to-AGLFN-name.patch:
drop, backported
- qt-visibility.diff: refresh
* Update copyright.
* Update symbols files.
* Handle the new libstc++ ABI of GCC 5 on libpoppler-cpp: (Closes: #796919)
- rename libpoppler-cpp0 to libpoppler-cpp0v5
- make libpoppler-cpp0v5 conflict/replace libpoppler-cpp0
* Replace "xpdf-utils (<< 3.02-2~)" with
"xpdf-utils (<< 1:0), xpdf-common" to cleanup the old packages.
(Closes: #774949)
* Disable pie for now, as there seems to be an incompatibility between Qt5
and GCC >= 5. (Closes: #792592)
* Tighten dependencies on the libpopplerN package to the exact binary
version in other library packages and poppler-utils. (Closes: #767659)
* control: rename XS-Testsuite to Testsuite.
* autopkgtest tests: remove the realpath dependency, as the version of
coreutils in stable provides the realpath binary.
* Backport upstream commit 01723aa17e836e818158dbdc56df642a290be300 to map
Standard/Expert encoding ligatures to AGLFN names; patch
upstream_Map-Standard-Expert-encoding-ligatures-to-AGLFN-name.patch.
(Closes: #740801)
* Bump Standards-Version to 3.9.6, no changes required.
* New upstream release.
* New upstream release.
* Fix linking order in autopkgtest tests.
* Update copyright.
* New upstream release.
* Bump the libqt4-dev (build-)dependency to 4.7.0, as noted in the upstream
build system.
* Update copyright.
* Mark libpoppler-dev, libpoppler-private-dev, libpoppler-qt5-dev, and
libpoppler-cpp-dev as Multi-Arch: same; dependencies of the other -dev's
are not ready. (Closes: #743817)
* Switch from autotools-dev to dh-autoreconf: (Closes: #753342)
- autoreconf in as-needed mode, and thus drop patch ltmain-as-needed.diff
- remove Makefile.in parts from qt-visibility.diff
* Provide a simple debian/upstream/metadata file, for DEP 12.
* Remove Dave Beckett and Ross Burton from Uploaders, since they have done
no work at all in poppler.
* Add simple autopkgtest tests for the frontends (cpp, glib, qt4, qt5);
loosely inspired by the glib one provided by Ubuntu.
[ Peter Pentchev ]
* Drop the unused libgtk2.0-dev build dependency. (Closes: #749972)
* Upload to unstable. (See #751525)
* New upstream release:
- 'pdftohtml -v' now returns 0 as exit code (Closes: #732427)
* New upstream release:
- fix extraction of text in some files (Closes: #747057)
* Update copyright.
* Merge changes from 0.24.5-4:
- upstream_Fix-extraction-of-text-in-some-files.patch: drop, backported
* New upstream release:
- pdfseparate supports left-padding PDF page patterns (Closes: #723121)
- poppler-glib uses the GLib logging features for Poppler's messages
(Closes: #736425)
* Rename packages according to the new SONAMEs:
- libpoppler44 -> libpoppler46
* Update copyright.
* Update symbols files.
* debian/patches:
- upstream_fix_qt5_moc_detection.diff: drop, backported
- qt-visibility.diff: remove applied parts
* Backport upstream commit 5b2cdef49a8a0a92fd323fbe45841a5098a42ece to fix
extraction of text in in some documents; patch
upstream_Fix-extraction-of-text-in-some-files.patch. (Closes: #747057)
* Enable the autotools_dev dh addon to update config.{guess,sub} before
configure. (Closes: #734014)
* Upload to unstable.
* The rebuild closes: #742293.
* Backport upstream commits a766c55f68db38feed91cf003a0d5710e2f925a8 and
e238c1f83fd5f667336bfbb0e9a59569ff638ecc to fix the detection of
Qt 5's moc; patch upstream_fix_qt5_moc_detection.diff.
* Rename patch qt4-visibility.diff to qt-visibility.diff, and extend to qt5.
* Provide poppler-qt5: (Closes: #716685)
- add the qtbase5-dev build dependency
- add the libpoppler-qt5-1 and libpoppler-qt5-dev binaries
- pass --enable-poppler-qt5 to configure
- add symbols file for libpoppler-qt5-1
* New upstream release:
- poppler can handle documents bigger than 2GB. (Closes: #642530)
- fixes a typo in an error message. (Closes: #708972)
* Rename packages according to the new SONAMEs:
- libpoppler37 -> libpoppler44
* debian/patches:
- qt4-visibility.diff: refresh
- upstream_pdfseparate-improve-the-path-building.patch: drop, backported
- upstream_Allow-only-one-d-in-the-filename.diff: drop, backported
* Update copyright.
* Update symbols files.
* Remove the manual link to pthreads, introduced in 0.18.4-10, as it is no
more needed now (poppler does it on its own now).
* Upload to unstable.
* Merge changes from 0.18.4-9 and 0.18.4-10:
- upstream_Allow-only-one-d-in-the-filename.diff: pick it unmodified from
upstream
* Merge changes from 0.18.4-7 and 0.18.4-8:
- CVE-2012-2142.diff: drop, fixed upstream
- upstream_pdfseparate.1-Syntax-fixes.patch: drop, backported
* New upstream release:
- fixes case sensitive search in poppler-glib. (Closes: #299657)
- poppler passes correct UTF-8 strings to cairo. (Closes: #697766)
* Rename packages according to the new SONAMEs:
- libpoppler28 -> libpoppler37
* debian/patches:
- qt4-visibility.diff: refresh
- upstream_fix-GooString-insert.diff: drop, applied upstream
- upstream_Fix-another-invalid-memory-access-in-1091.pdf.asan.7.patch: drop,
backported
- upstream_Fix-invalid-memory-access-in-2030.pdf.asan.69.463.patch: drop,
backported
- upstream_Fix-invalid-memory-access-in-1150.pdf.asan.8.69.patch: drop,
backported
- upstream_Initialize-refLine-totally.patch: drop, backported
- upstream_cairo-support-parameterized-Gouraud-shading.patch: drop,
applied upstream
* Update copyright.
* Update symbols files.
* Update configure arguments:
- Add: --enable-libpng, --enable-libtiff, --enable-cms=lcms2
(no actual changes, just enforce their usage)
* Update recommends and suggests:
- libpoppler-private-dev: drop the libpng-dev, libtiff-dev suggests.
- poppler-utils: drop the ghostscript recommend.
* Split the API documentation from libpoppler-glib-dev to an own
libpoppler-glib-doc.
* Merge changes from 0.18.4-6:
- upstream_Fix-another-invalid-memory-access-in-1091.pdf.asan.7.patch:
update from upstream repository
- upstream_Fix-invalid-memory-access-in-2030.pdf.asan.69.463.patch:
update from upstream repository
- upstream_Fix-invalid-memory-access-in-1150.pdf.asan.8.69.patch:
update from upstream repository
- upstream_Initialize-refLine-totally.patch:
update from upstream repository
* Merge changes from 0.18.4-4 and 0.18.4-5:
- psoutputdev-initialize-vars.diff: drop, obsolete
* Backport upstream commit ae8fc0cbfc6123189e17b3cf1286e0540f181646 to
support parameterized Gouraud shading in CairoOutputDev; patch
upstream_cairo-support-parameterized-Gouraud-shading.patch.
(Closes: #699467)
* New upstream release.
* Update copyright.
* New upstream release.
* Rename packages according to the new SONAMEs:
- libpoppler27 -> libpoppler28
* Add few optional symbols to the libpoppler-qt4-4 symbols file.
* Rename docs to libpoppler28.docs to make sure it is used only for
libpoppler.
* Adapt the libpoppler-qt4-4 symbols file to the internal symbols exported
only with GCC 4.7, and to other templinst arm* symbols.
* New upstream release.
* Rename packages according to the new SONAMEs:
- libpoppler26 -> libpoppler27
* Update copyright.
* Remove from libpoppler-private-dev the headers we used to install manually
but which are not installed by the upstream sources:
- ArthurOutputDev.h
- CairoFontEngine.h
- CairoOutputDev.h
- DCTStream.h
- JPEG2000Stream.h
- PageLabelInfo.h
using them would have meant not compiling with upstream sources anyway.
* Remove the libopenjpeg-dev suggest from libpoppler-private-dev, since now
there are no more headers including openjpeg headers.
* Add a symbols file for libpoppler-qt4-4, based on poppler 0.20.1:
- add patch qt4-visibility.diff to enable the GCC hidden visibility,
and avoid exporting private symbols
- set the current poppler version as version for the remaining private
symbols
- stop invoking dh_makeshlibs manually for libpoppler-qt4-4
* Raise the version of the libpoppler-private-dev breaks/replaces against
libpoppler-dev to << 0.20.2. (Closes: #681313)
* New upstream release.
* Merge changes from 0.18.4-3:
- upstream_cairo-use-correct-userfont-font-bbox.patch: drop, backported
- upstream_Change-nnnnnn-to-number.patch: drop, backported
- upstream_pdfinfo-decode-utf-16-surrogate-pairs.patch: drop, backported
* Update copyright.
* New upstream release.
* Rename packages according to the new SONAMEs:
- libpoppler19 -> libpoppler26
- libpoppler-qt4-3 -> libpoppler-qt4-4
* Bump shlibs for libpoppler-qt4-4.
* Update copyright.
* Update build dependencies:
- Switch liblcms1-dev to liblcms2-dev, supported upstream now.
* debian/patches:
- ltmain-as-needed.diff: refresh
* Add pdfdetach in the description of poppler-utils.
* Add a symbols file for libpoppler-glib8, based on poppler 0.18;
the C++ symbols (internal) of it now have the current poppler version
as version.
* Manually force the link of everything against pthreads; while I cannot
reproduce #730112, it seems (see e.g. #728113) that doing so would fix
the poppler utilities. (Closes: #730112)
Newer versions of poppler link to pthreads already, so this is a
workaround for 0.18.x only.
* Remove the custom RPATH handing on Hurd, since the issue does not affect
the build anymore; remove the hurd-only chrpath build dependency.
* Backport upstream commits b8682d868ddf7f741e93b791588af0932893f95c (patch
upstream_pdfseparate-improve-the-path-building.patch)
and 61f79b8447c3ac8ab5a26e79e0c28053ffdccf75 (patch
upstream_Allow-only-one-d-in-the-filename.diff) to fix two string/format
issues in pdfseparate, reported as CVE-2013-4473 and CVE-2013-4474.
(Closes: #723124, #729064)
* Bump Standards-Version to 3.9.5, no changes required.
* Remove the .la files from debian/tmp, to shorten the --list-missing output.
* Workaround issues of old libtool on Hurd, by removing with chrpath the
extra RPATH added; add the hurd-only chrpath build dependency for that.
* Backport upstream commit 8e504bf2543621973fdaddbd29055ce435540146 to fix
small syntax issues in pdfseparate.1.
* Filter stuff that might end up in the shell; patch CVE-2012-2142.diff
by Marek Kasik <mkasik@redhat.com> to fix CVE-2012-2142.
* Fix Vcs-* headers.
* Bump Standards-Version to 3.9.4, no changes required.
* Adjust watch file to allow both gz and xz extensions.
* Mark poppler-dbg as Multi-Arch: same.
* Backport upstream commits 0388837f01bc467045164f9ddaff787000a8caaa (patch
upstream_Fix-another-invalid-memory-access-in-1091.pdf.asan.7.patch),
8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492 (adapted patch
upstream_Fix-invalid-memory-access-in-1150.pdf.asan.8.69.patch), and
e14b6e9c13d35c9bd1e0c50906ace8e707816888 (adapted patch
upstream_Fix-invalid-memory-access-in-2030.pdf.asan.69.463.patch) to fix
CVE-2013-1788.
* Backport upstream commit b1026b5978c385328f2a15a2185c599a563edf91 to fix
CVE-2013-1790 (patch upstream_Initialize-refLine-totally.patch).
* With the changes above, this upload closes: #702071.
* Correctly initialize PSOutputDev::fontFileNameLen and
PSOutputDev::psFileNames; patch psoutputdev-initialize-vars.diff.
(Closes: #699421)
* Backport upstream commits 7ba15d11e56175601104d125d5e4a47619c224bf and
55940e989701eb9118015e30f4f48eb654fa34c4 to fix GooString::insert;
patch upstream_fix-GooString-insert.diff. (Closes: #693817)
* Add a libcairo2-doc build dependency to fix cross-references to cairo
methods in the poppler-glib apidox.
* Finally drop the libfontconfig1-dev dependency from libpoppler-dev,
since now all sources have been fixed.
* Remove an extra colon from the override_dh_auto_clean declaration.
* Move the poppler private headers from libpoppler-dev to
libpoppler-private-dev:
- Add break/replaces in libpoppler-private-dev.
- Drop lintian overrides of libpoppler-private-dev.
- Adjust descriptions of libpoppler-dev and libpoppler-private-dev.
* Backport upstream commit f1e621adbbb74ec709022b2a31195331651c83fa to fix
the glyph drawing with cairo >= 1.12; patch
upstream_cairo-use-correct-userfont-font-bbox.patch. (Closes: #668250)
* Backport upstream commit fde3bed0f400a50f31f1f6bcee44ac1b2c17ddc6 to make
pdfinfo decode UTF-16 surrogate pairs; patch
upstream_pdfinfo-decode-utf-16-surrogate-pairs.patch. (Closes: #525309)
* Backport upstream commit 4eaafe67de79fb63ebf61f031a97bbc0ed6a8891 to fix
the man page of pdftoppm regarding the naming of the output files;
patch upstream_Change-nnnnnn-to-number.patch. (Closes: #495901)
* Upload to unstable.
* Enable all the hardening flags.
* Bump to Standards-Version to 3.9.3, no changes required.
* Bump debhelper build dependency to >= 9, since compat 9 is used.
* Set the minimum shlib version of libpoppler19 to the current version.
* Temporarly put back the libfontconfig1-dev dependency to libpoppler-dev,
as there is still one source assuming that dependency.
* New upstream release.
* Update copyright.
* New upstream release: (Closes: #644447)
- fixes rendering of Porirua City overview map. (Closes: #443547)
- shows the names of unknown fonts. (Closes: #524323)
* Rename packages according to the new SONAMEs:
- libpoppler13 -> libpoppler19
- libpoppler-glib6 -> libpoppler-glib8
* Bump shlibs for libpoppler-glib8 and libpoppler-qt4-3.
* debian/patches:
- ltmain-as-needed.diff: refresh
* Update copyright.
* Update configure arguments:
- Remove: --disable-poppler-qt, --disable-abiword-output
* Drop test-poppler-glib from libpoppler-glib-dev, as it does not exist
anymore.
* Update build dependencies, dependencies and suggests:
- Switch liblcms-dev to liblcms1-dev, to make it explicit lcms 1 is used.
- Add libtiff-dev (for TIFF support).
- Remove the gnome-pkg-tools B-D, unused.
- libpoppler-dev: remove libfontconfig1-dev.
- libpoppler-private-dev: suggest packages containing headers included in
barely used private poppler core headers: libfreetype6-dev,
libopenjpeg-dev, libpng-dev, libtiff-dev. (Closes: #646688)
- libpoppler-glib-dev: remove libgtk2.0-dev.
* Enable the GObject introspection support (Closes: #617604):
- Add libgirepository1.0-dev and gobject-introspection build dependencies.
- Add a new package gir1.2-poppler-0.18, and make libpoppler-glib-dev
depend on it.
- Enable the introspection in configure arguments.
* Improve description of poppler-utils, also including the new tools
(pdfseparate, pdftocairo, pdfunite).
* Convert convert to the `dh' sequencer:
- Drop cdbs build dependency.
- Bump debhelper build dependency to 7.0.50.
- Make use of the gir dh addon.
- Enable parallel build support.
* Remove ${shlibs:Depends} from poppler-dbg.
* Install the upstream ChangeLog only in the libpopplerN package.
* Convert to multi-arch:
- Bump debhelper build dependency to 8.9.0.
- Bump compat to 9.
- Add dpkg build dependency to 1.16.1.
- libpoppler19, libpoppler-glib8, libpoppler-qt4-3, libpoppler-cpp0:
mark "Multi-Arch: same", and add Pre-Depends.
- poppler-utils: mark "Multi-Arch: foreign".
- Fix (using wildcard) library paths in .install files, taking care of
installing the gir .typelib file in a non-multi-arch path.
* Use DEB_LDFLAGS_MAINT_APPEND in rules to properly append custom LDFLAGS.
(Closes: #651968)
* Make the build verbose (V=1).
[ Michael Gilbert ]
* Bump standards to 3.9.2.
* Remove automatically generated glib reference files in clean rule (this
prevents automatic generation of a debian patch on a second build run.
[ Pino Toscano ]
* Switch to my @debian.org address, I'm a DD now.
* Add a libpoppler-private-dev package: it will contain the private
poppler core headers, but at the moment it is empty to allow sources
to migrate their (build-)dependencies from libpoppler-dev to it.
* control: add Vcs-Browser and Vcs-Git headers.
* control: fix some of the conflict/replaces relations in poppler-utils:
- xpdf-utils: properly set the version for it, and turn into a
breaks/replaces (see also #586620)
- pdftohtml: remove the version, since any newer version would always
conflict with the one in poppler-utils
* Upload to unstable.
* New upstream release.
* Make sure to really disable the gobject introspection for configure.
* Few touches to descriptions:
- Fix typo in libpoppler-cpp0.
- Correctly capitalize "Xpdf".
* Update copyright.
* Enable as-needed linking:
- Import the ltmain-as-needed.diff (refreshed) patch to allow to pass
-Wl,--as-needed at the beginning of autotools linking lines
- set LDFLAGS to "-Wl,--as-needed"
* Drop abiword support, buggy and dropped in Poppler 0.18:
(Closes: #521456, #618634)
- rules: add --disable-abiword-output
- control: remove the libxml2-dev build-dependency and the pdftoabw
references in the poppler-utils description
- drop patch 03_CVE-2009-3938.patch, no more needed now
- drop pdftoabw.1 manpage
- libpoppler-dev.install: stop installing ABWOutputDev.h
[ Pino Toscano ]
* New upstream release: (Closes: #567817, #585434, #592534, #601179, #611874)
- fixes thread-unsafe usage of strtok(). (Closes: #533426)
- pdftohtml correctly rotates images. (Closes: #506785)
- pdftoppm tests correctly for rotation. (Closes: #614831)
- fixes text highlighting. (Closes: #463963)
- fixes image rescaling with cairo. (Closes: #533138)
- fixes/hides some "Illegal entry in bfrange block in ToUnicode CMap"
errors. (Closes: #578050)
- fixes a pdftotext crash. (Closes: #611124)
* Update patches:
- 01_revert_abi_change.patch: remove, obsolete
- 02_autohinting_abi_compatibility.patch: remove, obsolete
- 03_CVE-2009-3938.patch: add two DEP3 headers (with bug number)
- 04_security.patch: remove, applied upstream
* Drop Qt 3 frontend, unused in Debian (and will no more be provided with
Poppler 0.18). (Closes: #604370, #558951)
* Rename packages according to the new SONAMEs:
- libpoppler5 -> libpoppler13
- libpoppler-glib4 -> libpoppler-glib6
* Update shlib depends for libpoppler-qt4-3.
* Add packages for the new CPP frontend (libpoppler-cpp0).
* Update build-dependencies and dependencies:
- Bump libglib2.0-dev, libcairo2-dev, gtk-doc-tools, and libqt4-dev
to the versions required upstream.
- Remove obsolete B-D: libqt3-mt-dev, libglade2-dev.
- libpoppler-glib-dev: add libgtk2.0-dev (Closes: #540582), remove
libpango1.0-dev.
* Update configure arguments:
- Add: --enable-xpdf-headers
- Remove: --enable-a4-paper
* Update copyright, adding a small clarifying text that the Poppler license
is GPL v2 only. (Closes: #611259)
* Bump debhelper compatibility to 7:
- Update .install files accordingly.
* libpoppler-dev.install: Avoid installing all the poppler private headers
(even those that will not work), but rely on what poppler installs
and manually copy the few "useful".
* rules: include /usr/share/cdbs/1/rules/utils.mk for list-missing.
* Add myself to the Uploaders.
* Add Homepage field in control.
* Improve descriptions of most of the packages.
[ Michael Gilbert ]
* Recommend poppler-data (closes: #584503).
* Fix a typo (closes: #582527).
* Update to source format 3.0 (quilt).
- Drop explicit quilt dependency.
* Bump standards version to 3.8.4 (no changes required).
* Add copyright dates to copyright file as stated in README-XPDF.
* Add manpage for pdftoabw (closes: #505147).
* Non-maintainer upload by the Security Team
* Fix CVE-2010-3702, CVE-2010-3703, CVE-2010-3704 and several crashers
(Closes:#599165)
* Non-maintainer upload.
* Do not conflict with newer versions of xpdf-utils (closes: #586620).
* New upstream release.
* Bump Qt requirements.
* Non-maintainer upload by the Security Team.
* Fixed CVE-2009-3938 (Closes: #534680)
* Switch to quilt to manage patches.
* 01_revert_abi_change.patch: revert upstream commit that introduced
an ABI change in a stable release. Closes: #558463.
* 02_autohinting_abi_compatibility.patch: revert part of another
upstream commit for a similar reason.
* New upstream release.
* Non-maintainer upload.
* Include fofi/*.h in /usr/include/poppler/fofi. Closes: #553445.
* copyright: add complete list of copyright holders.
* Upload to unstable. Hold on to your pants.
* New upstream release. Closes: #530731.
* Rename libpoppler4 to libpoppler5.
* Bump shlibs versions.
* Fix section for the debug package.
* New upstream release.
+ Fix problems that happen when parsing broken JBIG2 files.
CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180,
CVE-2009-1181, CVE-2009-1182, CVE-2009-1183, CVE-2009-1187,
CVE-2009-1188.
* Bump libqt4 requirement.
* 10_jpxstream_int_crash.patch: removed, upstream has merged a
different fix quite a while ago.
* Standards version is 3.8.1.
[ Pino Toscano ]
* New upstream release, no API nor ABI changes.
+ Fixes crash when rendering documents with optional content.
(Closes: #519494)
* Remove lintian override for poppler-dbg, which is no more needed with
lintian >= 2.2.1.
* Revert previous upload, now openjpeg was built successfully on
alpha.
* Build-depend on libglib2.0-doc to ensure proper xrefs.
* Don’t require openjpeg on alpha, since it doesn’t build there.
[ Pino Toscano ]
* New upstream stable release, with ABI and API changes wrt poppler 0.8.
- Rename libpoppler3 to libpoppler4, libpoppler-glib3 to libpoppler-glib4;
libpoppler-qt2 and libpoppler-qt4-3 are not renamed; update control,
DEB_DH_MAKESHLIBS_ARGS_* in rules, and rename install files.
- Add shlib version for libpoppler-qt4-3.
- Drop patches 60_manpages-cfg-flag.patch, 61_manpages-hyphens.patch, and
62_pdftops-mandatory-arg.patch, merged upstream.
* Build-dep on libopenjpeg-dev for better JPEG2000 reading.
[ Josselin Mouette ]
* Build-depend explicitly on libjpeg-dev, libfreetype6-dev and
libxml2-dev.
* Bump requirement on libqt4-dev.
* Bump up Standards-Version to 3.8.0.
* New patch, 61_manpages-hyphens, fixes escaping of hyphens in man pages;
FreeDesktop #17225.
* New patch, 62_pdftops-mandatory-arg, fixes synopsis of pdftops in man page
to clarify that a PDF file is required in all cases; FreeDesktop #17226;
closes: #491816.
* Build-dep on cdbs (>= 0.4.52) and add a lintian override with rationale
for the following lintian warning:
W: poppler-dbg: dbg-package-missing-depends poppler
* Add xrefs and CVE for #489756 in 0.8.5-1 as I didn't merge the 0.8.4-1.1
NMU.
* New upstream release; no API change, bug fixes.
* Fix /usr/share/gtk-doc/html/poppler symlink to point at
/usr/share/doc/libpoppler-glib-dev/html/poppler instead of
/usr/share/doc/libpoppler-glib-dev/html; LP: #226677.
* New upstream stable release; bug fixes, no API change.
* New patch, 60_manpages-cfg-flag, drop unimplemented -cfg flag from man
pages; FreeDesktop #17222; closes: #461961.
* Rename patch 001_jpxstream_int_crash to 10_jpxstream_int_crash as we don't
have that many patches; also add upstream bug id (FreeDesktop #5667) and
refresh to apply cleanly.
* Build-dep on pkg-config >= 0.18 to make sure -lpoppler is only in
poppler-qt's Libs.private (it already is though); closes: #360595.
* New upstream release; no API changes, misc fixes.
- Initializes pageWidgets in Page.cc, otherwise it can be a rubbish
pointer as Annots is not a valid object; upstream commit
fd0bf8b05cb155e2f29df31fa01964b12e710b89; CVE-2008-2950;
closes: #489756.
* New upstream release; no API change.
- Fixes crash when reloading PDFs; GNOME #536482; closes: 484160.
* New upstream release. Closes: #487214.
+ Fix crasher with some PDF files. Closes: #484224.
* Upload to unstable.
* Set myself as Maintainer instead of Uploader, taking over from Ondřej Surý
but I wish we move to an official team; closes: #481323.
* New upstream releases.
- Drop patch 006_pthreads_ldflags, upstream now calls ACX_PTHREAD() in
configure.ac which does the right thing.
- Drop patch 102_embedded-font-fixes, merged upstream.
* Bump libcairo2-dev build-dep and dep to >= 1.4; thanks
Marc 'HE' Brockschmidt.
* New upstream stable release, with ABI and API changes; closes: #476323.
- Rename libpoppler2 to libpoppler3, libpoppler-glib2 to libpoppler-glib3,
and libpoppler-qt4-2 to libpoppler-qt4-3; NB: libpoppler-qt2 not
renamed; update control, DEB_DH_MAKESHLIBS_ARGS_* in rules, rename
install files.
- Drop shlib version except for libpoppler-qt2.
- Update patch 006_pthreads_ldflags for the version-info changes in
poppler/Makefile.am.
- Force usage of qt4's moc via a PATH setting; export PATH.
* Let libpoppler-glib-dev depend on libglib2.0-dev >= 2.6 for consistency
with build-deps.
* New patch, 102_embedded-font-fixes; protects the methods of the Object
class to be more robust and prevent things like CVE-2008-1693; see also
FreeDesktop/Poppler #11392; taken from the Ubuntu package;
closes: #476842.
* Add a poppler-dbg package; closes: #408403.
- Bump up cdbs build-dep to >= 0.4.51 for -dbg handling fixes.
- Add poppler-dbg to control.
* Add ${shlibs:Depends} to libpoppler-glib-dev, libpoppler-dev,
libpoppler-qt-dev, libpoppler-qt4-dev.
* Add ${misc:Depends}.
* Cleanups.
* New upstream releases; no API change; bug fixes; closes: #459342.
* Fix copyright information to use version 2 of the GPL (instead of version 2
or later); thanks Timo Jyrinki for the patch; closes: #453865.
* Urgency medium for RC bug fix.
* List pdftohtml in poppler-utils' description; closes: #464439.
* Drop libpoppler-qt-dev dependency from libpoppler-qt4-dev; thanks
Pino Toscano; closes: #459922.
* Bump up Standards-Version to 3.7.3.
* New upstream version. (Closes: #447992)
* Dependency on xpdfrc was removed on 2007-02-25 (Closes: #347789, #440936)
* Changes since 0.6.1:
- Fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 (Closes: #450628)
- Fix a crash on documents with wrong CCITTFaxStream
- Fix a crash in the Cairo renderer with invalid embedded fonts
- Fix a crash with invalid TrueType fonts
- Check if font is inside the clip area before rendering
it to a temporary bitmap in the Splash renderer. Fixes crashes on
incorrect documents
- Do not use exit(1) on DCTStream errors
- Detect form fields at any depth level
- Do not generate appearance stream for radio buttons that are not active
* Upload to unstable.
* New upstream version.
* Changes since 0.6.0:
- poppler core:
+ Fix printing with different x and y scale
+ Fix crash when Form Fields array contains references to non
existent objects
+ Fix crash in CairoOutputDev::drawMaskedImage()
+ Fix embedded file description not working on some cases
- Qt4 frontend:
+ Fix printing issue
+ Avoid double free
+ Fix memory leak when dealing with embedded files
- glib frontend:
+ Fix build with --disable-cairo-output
+ Do not return unknown field type for signature form fields
- build system:
+ Support automake-1.10
+ More compatible sh code in qt.m4
- utils:
+ Fix build on Sun Studio compiler
* New upstream release. (Closes: #429700)
- merged changes from Ubuntu, courtesy of Sebastien Bacher <seb128@canonical.com>
- Fix security issue MOAB-06-01-2007
- Fix security issue CVE-2007-3387
- Fix security issue CVE-2007-5049 (Closes: #443903)
* debian/watch:
- update (Closes: #441012)
* debian/control, debian/libpoppler2.install, debian/libpoppler-glib2.install,
debian/libpoppler-qt2.install, debian/libpoppler-qt4-2.install,
debian/rules:
- updated for soname change
* debian/libpoppler-glib-dev.install:
- install new test-poppler-glib
* debian/patches/002_CVE-2006-0301.patch:
- dropped, deprecated by the upstream changes
* debian/patches/003_glib-2.0-configure.patch:
* debian/patches/004_CVE-2007-0104.patch:
* debian/patches/005_fix_inverted_text_from_bug_8944.patch:
- dropped, fixed with the new version
* debian/patches/006_pthreads_ldflags.patch:
- updated
* Conflict with old library names from experimental. (Closes: #426023)
* Add missing poppler/poppler-link-qt3.h header to libpoppler-qt-dev; thanks
Sune Vuorela; closes: #425486.
* Let libpoppler-qt4-dev depend on libpoppler-qt-dev since some of its
headers require poppler-page-transition.h which is clearly from the Qt
bindings; thanks Sune Vuorela; closes: #425540.
* Wrap build-deps and deps.
* Drop useless debian/*.dirs.
* Misc cleanups.
* Build-dep on autotools-dev and drop bogus lintian overrides.
* The "Augean Stables" release.
* 0.5.x branch fixes all kind of displaying errors
Closes: #372169, #235360, #331380, #332426, #336616
Closes: #402647, #369164, #413953, #343654
* Add versioned conflict to pdftohtml (Closes: #393169)
* We dropped .la files some time ago, libjpeg62-dev dependency not
needed now (Closes: #413112)
* Crash fixed in 0.5.4 (Closes: #418638)
* [control.in]: dropped some time ago (Closes: #407818)
* NMU 0.5.4-5.1 merged as 004_CVE-2007-0104.patch (Closes: #407810)
* 0.5.x uploaded to unstable (Closes: #352522)
* qt4 libraries are now part of build (Closes: #414643)
* No longer depends on poppler-data (Closes: #389753)
* [debian/patches/006_pthreads_ldflags.patch]:
+ Add -lpthread to poppler/Makefile.am (Closes: #399275)
* Upload to unstable.
* Enable Cairo output again.
* Enable gtk-doc build.
* Add lintian override for outdated-autotools-helper-files (we use CDBS).
* Change shared library packages names according to Library Packaging Guide.
* Change ${Source-Version} to ${binary:Version} to allow binNMU
* Drop (= ${Source-Version}) dependency in glib, qt3, qt4 libraries; we are
adding that from debian/rules
* Merge changes from Ubuntu:
+ Enable Qt4 library build (but change name to libpoppler-qt4-1).
+ [debian/patches/004_CVE-2007-0104.patch]:
- Limit recursion depth of the parsing tree to 100 to avoid infinite loop
with crafted documents.
- Patch taken from koffice security update (which has a copy of xpdf
sources).
+ [debian/patches/005_fix_inverted_text_from_bug_8944.patch]:
- fixes "text is inverted in some PDFs"
* [debian/control]: poppler-data is non-free, do not depend on it (Closes: #389753)
* New upstrem release.
* [debian/control.in]: remove file and add all pkg-freedesktop people
to Uploaders: field
* [debian/control]: Add dependency on poppler-data package.
* [debian/patches/03_glib-2.0-configure.patch]: fix broken configure.ac
* New upstream release.
* debian/lib{poppler,poppler-glib,poppler-qt}-dev.install:
Stop shipping /usr/lib/*.la in libpoppler*-dev.
* New upstream release.
* Remove patches adopted upstream:
debian/patches/000_incorrect_define_fix.patch
debian/patches/000_splash_build_fix.patch
* Merge back changes from Ubuntu.
* Upload to experimental (Closes: 352522)
* Install poppler-page-transition into libpoppler-qt-dev (not
libpoppler-dev), since it comes from the Qt bindings. Closes: LP#32179
* debian/patches/000_incorrect_define_fix.patch:
- patch from the CVS, fix an incorrect boxes rendering (Ubuntu: #33239)
* debian/control.in: libpoppler-dev needs to depend on libfontconfig1-dev,
because we directly include <fontconfig/fontconfig.h> in GlobalParams.h
* debian/control.in: Have poppler-utils Replace: xpdf-reader, since both
contain pdftoppm.1.gz.
* debian/control.in:
- fix the libpoppler1 package description
* New upstream version:
- Support for embedded files.
- Handle 0-width lines correctly.
- Avoid external file use when opening fonts.
- Only use vector fonts returned from fontconfig (#5758).
- Fix scaled 1x1 pixmaps use for drawing lines (#3387).
- drawSoftMaskedImage support in cairo backend.
- Misc bug fixes: #5922, #5946, #5749, #5952, #4030, #5420.
* debian/control.in, debian/libpoppler0c2.dirs,
debian/libpoppler0c2-glib.dirs, debian/libpoppler0c2-glib.install,
debian/libpoppler0c2.install, debian/libpoppler0c2-qt.dirs,
debian/libpoppler0c2-qt.install, debian/rules:
- updated for the soname change
* debian/patches/000_splash_build_fix.patch:
- fix build when using splash
* debian/patches/001_fixes_for_fonts_selection.patch:
- fix with the new version
* debian/control.in, debian/rules:
- build without libcairo
* debian/patches/001_fixes_for_fonts_selection.patch:
- change from the CVS, fix some renderings issues and fonts selection
* SECURITY UPDATE: Buffer overflow.
* Add debian/patches/002_CVE-2006-0301.patch:
- splash/Splash.cc, Splash::drawPixel(), Splash::drawSpan(),
Splash::xorSpan(): Check coordinates for integer overflow.
* CVE-2006-0301
* debian/rules: Bump shlibs version to 0.5.0.
* New upstream release 0.5.0, required for new evince 0.5.
* Merge with Debian.
* Remove patches adopted upstream:
- debian/patches/000_add-poppler-utils.patch
- debian/patches/002-selection-crash-bug.patch
* debian/libpoppler-dev.install:
- Install poppler-page-transition.h.
- Do not install poppler-config.h, it doesn't exist any more.
- Upstream doesn't install legacy xpdf includes any more, fix path to
install them into libpoppler-dev.
* Add debian/patches/001_jpxstream_int_crash.patch:
- poppler/JPXStream.h: Fix declaration of cbW to be signed.
JPXStream.cc, readCodeBlockData() negates the value, which results in an
invalid value on 64 bit platforms if using unsigned types.
- Thanks to Vladimir Nadvornik for pointing at this.
* New upstream security release
- fixes CVE-2005-3624, CVE-2005-3625, CVE-2005-3627
* Remove debian/patches/003-CVE-2005-3624_5_7.patch:
- Merged upstream
* Remove debian/patches/004-fix-CVE-2005-3192.patch:
- Merged upstream
* Remove debian/patches/001-relibtoolize.patch
- Upstream uses recent libtool
* Fix missing libcairo2-dev dependency (Closes: #346277)
[ Martin Pitt ]
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Add debian/patches/003-CVE-2005-3624_5_7.patch:
- poppler/Stream.cc, CCITTFaxStream::CCITTFaxStream():
+ Check columns for negative or large values.
+ CVE-2005-3624
- poppler/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
+ Reset numComps to 0 since it's a global variable that is used later.
+ CVE-2005-3627
- poppler/Stream.cc, DCTStream::readHuffmanTables():
+ Fix out of bounds array access in Huffman tables.
+ CVE-2005-3627
- poppler/Stream.cc, DCTStream::readMarker():
+ Check for EOF in while loop to prevent endless loops.
+ CVE-2005-3625
- poppler/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(),
JBIG2Bitmap::expand(), JBIG2Stream::readHalftoneRegionSeg():
+ Check user supplied width and height against invalid values.
+ Allocate one extra byte to prevent out of bounds access in combine().
* Add debian/patches/004-fix-CVE-2005-3192.patch:
- Fix nVals int overflow check in StreamPredictor::StreamPredictor().
- Forwarded upstream to https://bugs.freedesktop.org/show_bug.cgi?id=5514.
[ Ondřej Surý ]
* Merge changes from Ubuntu (Closes: #346076).
* Enable Cairo output again.
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
* Fixed some rendering bugs and disabled Cairo output
(Closes: #314556, #322964, #328211)
* Acknowledge NMU (Closes: #342288)
* Add 001-selection-crash-bug.patch (Closes: #330544)
* Add poppler-utils (merge patch from Ubuntu)
* SECURITY UPDATE: Multiple integer/buffer overflows.
* NMU to fix RC security bug (closes: #342288)
* Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
thanks to Martin Pitt:
* poppler/Stream.cc, DCTStream::readBaselineSOF(),
DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
- Check numComps for invalid values.
- http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
- CVE-2005-3191
* poppler/Stream.cc, StreamPredictor::StreamPredictor():
- Check rowBytes for invalid values.
- http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
- CVE-2005-3192
* poppler/JPXStream.cc, JPXStream::readCodestream():
- Check img.nXTiles * img.nYTiles for integer overflow.
- http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
- CVE-2005-3193
* GNOME Team upload.
* New upstream version.
* debian/control.in:
- updated the Build-Depends on libqt (Closes: #326130).
* debian/rules:
- updated the shlibs.
* GNOME Team Upload.
* Rebuild for the CPP transition.
* New upstream version (Closes: #311133):
- fix some crashers (Closes: #315590, #312261, #309410).
- fix some rendering defaults (Closes: #314441, #315383, #309697, #308785).
* debian/control.in, debian/rules:
- build with the current cairo version (Closes: #321368, #318293).
- update for the renamed the packages.
* debian/patches/01_CAN-2005-2097.patch:
- Patch from Ubuntu, thanks Martin Pitt.
- Check sanity of the TrueType "loca" table. Specially crafted broken
tables caused disk space exhaustion due to very large generated glyph
descriptions when attempting to fix the table.
- Upstream patch scheduled for xpdf 3.01.
- CAN-2005-2097
* debian/watch:
- fixed, patch by Jerome Warnier <jwarnier@beeznest.net> (Closes: #310996).
* New upstream release
* Upstream fixed the Qt build bug, so now I can enable Qt
build. (Closes:#307340) It leads two new binary packages
libpoppler0-qt and libpoppler-qt-dev.
* Excluded DEB_CONFIGURE_SYSCONFDIR setting, which is obsolete by the
upstream removal of xpdfrc config.
* Added shlib version info for libpoppler0-glib.
* Corrected dependencies of libpoppler0-glib and libpoppler-glib-dev.
(Closes: #306897)
* Build-Depends on libgtk2.0-dev for -glib packages. (Closes: #306885)
* Corrected descriptions of -glib packages.
* New upstream release (Closes: #306573)
* Added new binary packages libpoppler0-glib and libpoppler-glib-dev,
which are GLib-based interfaces. Qt interface build is termporarily
disabled, because of an upstream FTBFS.
* Initial Release (Closes: #299518)