-
qpdf (8.0.2-3ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted PDF file
- debian/patches/CVE-2018-18020.patch: give up reading objects with too
many consecutive errors in libqpdf/QPDFObjectHandle.cc,
qpdf/qtest/qpdf.test, qpdf/qtest/qpdf/issue-100.out.
- CVE-2018-18020
* SECURITY UPDATE: heap-based buffer overflow in Pl_ASCII85Decoder::write
- debian/patches/CVE-2021-36978.patch: fix some pipelines to be safe if
downstream write fails in libqpdf/Pl_AES_PDF.cc,
libqpdf/Pl_ASCII85Decoder.cc, libqpdf/Pl_ASCIIHexDecoder.cc,
libqpdf/Pl_Count.cc.
- CVE-2021-36978
-- Marc Deslauriers <email address hidden> Wed, 28 Jul 2021 09:13:45 -0400
-
qpdf (8.0.2-3) unstable; urgency=medium
* Add patch for CVE-2018-9918 from upstream commit
b4d6cf6836ce025ba1811b7bbec52680c7204223. (Closes: #895443)
-- Jay Berkenbilt <email address hidden> Sun, 15 Apr 2018 16:24:12 -0400
-
qpdf (8.0.2-1) unstable; urgency=medium
* New upstream release.
-- Jay Berkenbilt <email address hidden> Tue, 06 Mar 2018 11:54:54 -0500
-
qpdf (8.0.1-1) unstable; urgency=medium
* New upstream release.
-- Jay Berkenbilt <email address hidden> Sun, 04 Mar 2018 08:40:53 -0500
-
qpdf (8.0.0-1) unstable; urgency=medium
* New upstream release.
-- Jay Berkenbilt <email address hidden> Sun, 25 Feb 2018 16:55:10 -0500
-
qpdf (7.1.1-1) unstable; urgency=medium
* New upstream release.
-- Jay Berkenbilt <email address hidden> Sun, 04 Feb 2018 19:05:20 -0500
-
qpdf (7.1.0-1) unstable; urgency=medium
* New upstream release.
* Update standards to 4.1.3. No changes required.
-- Jay Berkenbilt <email address hidden> Sun, 14 Jan 2018 22:22:11 -0500
-
qpdf (7.0.0-1) unstable; urgency=medium
* New upstream release.
-- Jay Berkenbilt <email address hidden> Fri, 15 Sep 2017 23:12:59 -0400