Format: 1.8 Date: Wed, 26 Jun 2019 09:43:05 -0400 Source: poppler Binary: libpoppler79 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils Architecture: i386 Version: 0.68.0-0ubuntu1.7 Distribution: cosmic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gir1.2-poppler-0.18 - GObject introspection data for poppler-glib libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface) libpoppler-cpp0v5 - PDF rendering library (CPP shared library) libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface libpoppler-glib8 - PDF rendering library (GLib-based shared library) libpoppler-private-dev - PDF rendering library -- private development files libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library) libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface) libpoppler79 - PDF rendering library poppler-utils - PDF utilities (based on Poppler) Changes: poppler (0.68.0-0ubuntu1.7) cosmic-security; urgency=medium . * SECURITY UPDATE: memory leak in GfxColorSpace::setDisplayProfile - debian/patches/CVE-2018-18897.patch: enforcing single initialization in poppler/GfxState.cc, qt5/src/poppler-qt5.h. - CVE-2018-18897 * SECURITY UPDATE: DoS via crafted PDF file - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a Dict in utils/pdfunite.cc. - CVE-2018-20662 * SECURITY UPDATE: buffer over-read in downsample_row_box_filter - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values for box filter in poppler/CairoRescaleBox.cc. - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in rescale filter in poppler/CairoRescaleBox.cc. - CVE-2019-9631 * SECURITY UPDATE: dict marking mishandling - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file in poppler/PDFDoc.cc. - CVE-2019-9903 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping boxes in splash/Splash.cc. - CVE-2019-10872 * SECURITY UPDATE: buffer over-read in JPXStream::init - debian/patches/CVE-2019-12293.patch: fail gracefully if not all components have the same WxH in poppler/JPEG2000Stream.cc. - CVE-2019-12293 Checksums-Sha1: adfee5f8d1303a0278236ac202b4b243a795a791 18492 gir1.2-poppler-0.18_0.68.0-0ubuntu1.7_i386.deb 0d1ca4ad6a7837fbad4fe1886995ed7304cc05c5 9348 libpoppler-cpp-dev_0.68.0-0ubuntu1.7_i386.deb bcb1de86101be650899a56588a41a4c6d13bf4f5 617460 libpoppler-cpp0v5-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb 9fa40a8477ecec4c14eee724d8d0aeb94eaa74c0 35668 libpoppler-cpp0v5_0.68.0-0ubuntu1.7_i386.deb 9420bf556ab91ea14dbb616d696693eb77925e59 4600 libpoppler-dev_0.68.0-0ubuntu1.7_i386.deb 84c4a55b8d4f8290a18dd967d11c9d8604743f64 47784 libpoppler-glib-dev_0.68.0-0ubuntu1.7_i386.deb eddd685b6690ea8463f890cfcb932e37d2b55a81 1248508 libpoppler-glib8-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb a8e1e224565c94cb8e5214c88c2ecf64c4fd8363 116376 libpoppler-glib8_0.68.0-0ubuntu1.7_i386.deb 95fdf6d65c83d47073936190c1c484496e12276b 172312 libpoppler-private-dev_0.68.0-0ubuntu1.7_i386.deb e7a63c5da70f29c89e03b91316b602ca791170ea 3705444 libpoppler-qt5-1-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb e3ff0d655c9122e5a875a780faefe621c7742e93 166372 libpoppler-qt5-1_0.68.0-0ubuntu1.7_i386.deb 82c6842c39bff68ba4341f002f7dd36db919f083 32828 libpoppler-qt5-dev_0.68.0-0ubuntu1.7_i386.deb 1f1145fa8bf109c613e48257be930a62679115b9 4561312 libpoppler79-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb 6772944dfbb5482f2e710d1e06d4629cbcf7c735 845900 libpoppler79_0.68.0-0ubuntu1.7_i386.deb c6ad3b477161837e49c64825330a72cd9605714f 2051056 poppler-utils-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb b6e3f685ad47aa564a24b5b568131710d2ae8e08 160140 poppler-utils_0.68.0-0ubuntu1.7_i386.deb 9542b211e5b25d401b0a6d403d78c9c22f3cb185 18681 poppler_0.68.0-0ubuntu1.7_i386.buildinfo Checksums-Sha256: 3f859bcc6883a9de44c19cd658c29004f8fe31c9303959cb68f1aa68eb0fde89 18492 gir1.2-poppler-0.18_0.68.0-0ubuntu1.7_i386.deb 156dc29372048099c0a34ad30c7798ce42197a967593a2ee79b582a5fa14e168 9348 libpoppler-cpp-dev_0.68.0-0ubuntu1.7_i386.deb 936220d2885c6104b954aee52e1989fb62ddbcb6620481d647de1b6cf3d5380f 617460 libpoppler-cpp0v5-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb f1bd2e175781504d82303aaf319cc1d2f9a99ce4cfcc461a38ed23469b75e605 35668 libpoppler-cpp0v5_0.68.0-0ubuntu1.7_i386.deb 14b414e1dfacd995805476f7638ccc57c581f31e0687ac9a957ca1eac1fcb282 4600 libpoppler-dev_0.68.0-0ubuntu1.7_i386.deb 1578d094fe8952e74bfaf974d3f34db6692680c452a17488b751f1a258846653 47784 libpoppler-glib-dev_0.68.0-0ubuntu1.7_i386.deb 56b8a4361a585e979fe37d0922d8a47e2e7c8c22f29070a45b705141d2a777f9 1248508 libpoppler-glib8-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb b9cf5977818420b97bbbecf52978404e83dc9f91f1348f7e17fa4c75fb10c773 116376 libpoppler-glib8_0.68.0-0ubuntu1.7_i386.deb 31d952f4ff14c22a8e7cddf203934e2ae841986041a3b1522432db59e3dfa6d1 172312 libpoppler-private-dev_0.68.0-0ubuntu1.7_i386.deb 77952a6e1d39f5bc0fbc2057e6b868b15dcb8f060026d2b117d4cd32882d3837 3705444 libpoppler-qt5-1-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb d0fc35afaff5e2adcd644d9eb24e9bc61dad2799441a28d37d15e36019daf660 166372 libpoppler-qt5-1_0.68.0-0ubuntu1.7_i386.deb 0301ff3667863e493c5a9c8b05056a54299fa32ade9f54bb337ef6aec9b4688f 32828 libpoppler-qt5-dev_0.68.0-0ubuntu1.7_i386.deb a40c1aff80bf1f7aa9d972eb19017dd4ccbd534e8349d5c24ecd5d9faf5f8211 4561312 libpoppler79-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb af428bfbe380a27f2f3ee65808ba1014b6f3afaeaa208ea699ab07aca4b92c8a 845900 libpoppler79_0.68.0-0ubuntu1.7_i386.deb b166a1e94e0a6e0ca00284faefb018d627802141c45476f267a8dd41e86bcf9b 2051056 poppler-utils-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb df9f4a914535cfb66c7f7e92e2a783ee9b26ae5a082cfe1c33e508b48956e4c6 160140 poppler-utils_0.68.0-0ubuntu1.7_i386.deb 2e05a6104cdf5c68f5dabafe3ad9f26e33acc04675dc4978ac4184fa673dc11b 18681 poppler_0.68.0-0ubuntu1.7_i386.buildinfo Files: 5d085bdbba361048b9b62960b1e1344b 18492 introspection optional gir1.2-poppler-0.18_0.68.0-0ubuntu1.7_i386.deb 9e2ffc70fb38a4011c5e4460eea5e897 9348 libdevel optional libpoppler-cpp-dev_0.68.0-0ubuntu1.7_i386.deb a8de7302d9f1d02593fdc5e054c86d84 617460 debug optional libpoppler-cpp0v5-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb a9fe8132f085102b586b2cfed1b1c1ec 35668 libs optional libpoppler-cpp0v5_0.68.0-0ubuntu1.7_i386.deb 6cacd245fb10d7bfaed49efe064ac344 4600 libdevel optional libpoppler-dev_0.68.0-0ubuntu1.7_i386.deb 8fd96f1ac1b005a62ac8331a317008e7 47784 libdevel optional libpoppler-glib-dev_0.68.0-0ubuntu1.7_i386.deb e0bc8d9a84578ddb0df792b1e9d62135 1248508 debug optional libpoppler-glib8-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb e471342eddf84336fa0a8a0b1a4c95f5 116376 libs optional libpoppler-glib8_0.68.0-0ubuntu1.7_i386.deb e947452a8380a6d41e097b6c67c8d431 172312 libdevel optional libpoppler-private-dev_0.68.0-0ubuntu1.7_i386.deb 1c653a6dc2788664e3567f82aca79764 3705444 debug optional libpoppler-qt5-1-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb 1defd41b5299d9d0070981f62ef77bca 166372 libs optional libpoppler-qt5-1_0.68.0-0ubuntu1.7_i386.deb 4bde3b8a27ee7dff3750b4f085d5d1a5 32828 libdevel optional libpoppler-qt5-dev_0.68.0-0ubuntu1.7_i386.deb 6c5c68d142b0530640a6fde7ffa7577e 4561312 debug optional libpoppler79-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb 34a8bc8881b2ed1526e4db86a2d71cf6 845900 libs optional libpoppler79_0.68.0-0ubuntu1.7_i386.deb f1b31aefd91c01de65f36e661177bc43 2051056 debug optional poppler-utils-dbgsym_0.68.0-0ubuntu1.7_i386.ddeb e591f92597668b219884980b12f07fae 160140 utils optional poppler-utils_0.68.0-0ubuntu1.7_i386.deb 800432395edf528fa81f15433ccd0a82 18681 devel optional poppler_0.68.0-0ubuntu1.7_i386.buildinfo Original-Maintainer: Debian freedesktop.org maintainers