Ubuntu
qpdf package

Change logs for qpdf source package in Mantic

Mantic (23.10)
Change log

qpdf (11.5.0-1ubuntu1.1) mantic-security; urgency=medium

  * SECURITY UPDATE: heap overflow via std::__shared_count()
    - debian/patches/CVE-2024-24246.patch: handle parse error stream data
      in libqpdf/QPDF_json.cc, qpdf/qpdf.testcov, qpdf/qtest/*.
    - CVE-2024-24246

 -- Marc Deslauriers <email address hidden>  Wed, 20 Mar 2024 10:40:27 -0400

qpdf (11.5.0-1ubuntu1) mantic; urgency=medium

  * Fix data loss bug introduced in 11.0.0 and fixed in 11.6.3. The bug
    causes the qpdf tokenizer to discard the character after a one-digit
    or two-digit quoted octal string. Most writers don't create these, and
    they are rare outside of content streams. By default, qpdf doesn't
    parse content streams. The most common place for this to occur would
    be in a document's /ID string, but in the worst case, this bug could
    cause silent damage to some strings in a PDF file's metadata, such as
    bookmark names or form field values. (LP: #2039804)

 -- Jay Berkenbilt <email address hidden>  Thu, 19 Oct 2023 07:20:25 -0400

qpdf (11.5.0-1) unstable; urgency=medium

  * New upstream release.
  * Bump standards to 4.6.2. No changes required

 -- Jay Berkenbilt <email address hidden>  Sun, 09 Jul 2023 10:42:20 -0400

qpdf (11.4.0-1) experimental; urgency=medium

  * New upstream release.

 -- Till Kamppeter <email address hidden>  Sun, 21 May 2023 18:01:52 -0400

qpdf (11.3.0-1) unstable; urgency=medium

  * New upstream release.

 -- Jay Berkenbilt <email address hidden>  Sat, 25 Feb 2023 17:24:01 -0500

Ubuntuqpdf package

Change logs for qpdf source package in Mantic

Ubuntu
qpdf package