Format: 1.8 Date: Wed, 26 Jun 2019 09:59:06 -0400 Source: poppler Binary: libpoppler73 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0v5 libpoppler-cpp-dev poppler-utils Architecture: i386 Version: 0.62.0-2ubuntu2.9 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gir1.2-poppler-0.18 - GObject introspection data for poppler-glib libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface) libpoppler-cpp0v5 - PDF rendering library (CPP shared library) libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface libpoppler-glib8 - PDF rendering library (GLib-based shared library) libpoppler-private-dev - PDF rendering library -- private development files libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library) libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface) libpoppler73 - PDF rendering library poppler-utils - PDF utilities (based on Poppler) Changes: poppler (0.62.0-2ubuntu2.9) bionic-security; urgency=medium . * SECURITY UPDATE: memory leak in GfxColorSpace::setDisplayProfile - debian/patches/CVE-2018-18897.patch: enforcing single initialization in poppler/GfxState.cc, qt5/src/poppler-qt5.h. - CVE-2018-18897 * SECURITY UPDATE: DoS via crafted PDF file - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a Dict in utils/pdfunite.cc. - CVE-2018-20662 * SECURITY UPDATE: buffer over-read in downsample_row_box_filter - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values for box filter in poppler/CairoRescaleBox.cc. - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in rescale filter in poppler/CairoRescaleBox.cc. - CVE-2019-9631 * SECURITY UPDATE: dict marking mishandling - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file in poppler/PDFDoc.cc. - CVE-2019-9903 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping boxes in splash/Splash.cc. - CVE-2019-10872 * SECURITY UPDATE: buffer over-read in JPXStream::init - debian/patches/CVE-2019-12293.patch: fail gracefully if not all components have the same WxH in poppler/JPEG2000Stream.cc. - CVE-2019-12293 Checksums-Sha1: 3d0ca5c0fe32a8c32d8d52910a481155dc744dd8 18476 gir1.2-poppler-0.18_0.62.0-2ubuntu2.9_i386.deb 55124185fd88b7c6a9a6912d06e380a90705473a 8672 libpoppler-cpp-dev_0.62.0-2ubuntu2.9_i386.deb f5534904a2945e7c6a086c2a71f37b1315f0915d 441036 libpoppler-cpp0v5-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb be8730de1808fa46066c9cd9a544ce0cca884dbd 30564 libpoppler-cpp0v5_0.62.0-2ubuntu2.9_i386.deb ac9aad02bba6b20a712fe1c72229b824b3b9af68 4604 libpoppler-dev_0.62.0-2ubuntu2.9_i386.deb ba256910b625bc56f14d00772781b547dd7ce595 47724 libpoppler-glib-dev_0.62.0-2ubuntu2.9_i386.deb 5275746acb46494ab24cdeb26e72f264ef3462a5 810460 libpoppler-glib8-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb b0cf9af9d68c0c813f2d0cfde707e3f9eadc5fce 114020 libpoppler-glib8_0.62.0-2ubuntu2.9_i386.deb 7b0ba111ce80a6d43bb058b68f766bcd9d90e3c1 169076 libpoppler-private-dev_0.62.0-2ubuntu2.9_i386.deb 8f5fa8b85283247ca1563e61d4fe92cbd9337e93 2784968 libpoppler-qt5-1-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 2b89285092e6e6b1b5f5e02d71f1811fe6453e77 155200 libpoppler-qt5-1_0.62.0-2ubuntu2.9_i386.deb 2a450d34177530c50e0d8fcdd2721ae72f2aac9b 32296 libpoppler-qt5-dev_0.62.0-2ubuntu2.9_i386.deb 809f5892b1d25a1a14eb3948050c061b8fd223a7 2662592 libpoppler73-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 3ae4cff311691899e3ef58536008df24ff1dbfd9 832288 libpoppler73_0.62.0-2ubuntu2.9_i386.deb e38fb080367d434730db8b19764ba1dd51777dd8 1086920 poppler-utils-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 0e4ae676769c353bdce44f89b56789abd5a1b0e4 158312 poppler-utils_0.62.0-2ubuntu2.9_i386.deb 25a7b6131aef32ae882704fb42dc201759261786 18985 poppler_0.62.0-2ubuntu2.9_i386.buildinfo Checksums-Sha256: 59aef19d37581f6647dbd33d3e8e47fc683c5ab41d3b6c9316a8e1f21f8705c8 18476 gir1.2-poppler-0.18_0.62.0-2ubuntu2.9_i386.deb 48a0c0650e3f1aa0458aba970614f050650f25db99f5db22ece8501946b4c311 8672 libpoppler-cpp-dev_0.62.0-2ubuntu2.9_i386.deb c2f37431874698fe8b9dd7813e5e662497f2d02e0b5a0b463fc5982fe24564f5 441036 libpoppler-cpp0v5-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb f0a41b6e8ecc8bdddfa25930d6de007d158535e3fac4270a467187979ba7fa3d 30564 libpoppler-cpp0v5_0.62.0-2ubuntu2.9_i386.deb e858c99211318e6ed10c3d030d4e2993b1d21283422ddb54216e143a98b90f3d 4604 libpoppler-dev_0.62.0-2ubuntu2.9_i386.deb fe985739beff81b678e13f65eb1d746db20337f13b0f9aa000421aacba9bdcc5 47724 libpoppler-glib-dev_0.62.0-2ubuntu2.9_i386.deb 6bd4801b4a84653b630077c56520db8ae98b534818c1b9e509e0a0d616455b50 810460 libpoppler-glib8-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 3273c59d492ac35e719e122ad75e420b8341c8e138da522b09fbeb1af8568ec7 114020 libpoppler-glib8_0.62.0-2ubuntu2.9_i386.deb 23e6880fcebcc04fbd9eeded6876a34ed64fe6784b87112f80660da2e551969c 169076 libpoppler-private-dev_0.62.0-2ubuntu2.9_i386.deb dd8cc33cfc21b8118945ff838ffabc47df2100470c9d42a1557dca4052a7e37a 2784968 libpoppler-qt5-1-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 6d17ac204b6efb5bbfa0d350dd531c6b05feff97c8b14b2e5ccf16d45a5fd7e8 155200 libpoppler-qt5-1_0.62.0-2ubuntu2.9_i386.deb 3037156a1875ff0259b78c7258a895eab6c7af98a215757c693e68843bc1f27d 32296 libpoppler-qt5-dev_0.62.0-2ubuntu2.9_i386.deb 4b6fd3c1114961518d2ae5f8cddf03c573c86f871073abcafe752c6accbaf786 2662592 libpoppler73-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 8db9c98072c0939ab840587866fd905d54d2175668f4b79cd9d52c58b0701ca6 832288 libpoppler73_0.62.0-2ubuntu2.9_i386.deb a9a4d474e86da9f71633af0134fb1068fe52239b88fadf9315e0b23cad085b85 1086920 poppler-utils-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb c2479767a5279b04f38b56a6bcdd2cb02ee04c1d8ebd5ac12fa5bc7eb2bde7fd 158312 poppler-utils_0.62.0-2ubuntu2.9_i386.deb faeb726cded27ca1f76072cc07a7a28b4c685f192f30f66d115a1e265400c245 18985 poppler_0.62.0-2ubuntu2.9_i386.buildinfo Files: e86ee5ceb2b21a9fefab601bc944c346 18476 introspection optional gir1.2-poppler-0.18_0.62.0-2ubuntu2.9_i386.deb 13b50db94320f3112bacc90f0eee3455 8672 libdevel optional libpoppler-cpp-dev_0.62.0-2ubuntu2.9_i386.deb 26c5bdd8cf83b69862a3898802b9ecfe 441036 debug optional libpoppler-cpp0v5-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb ce648e17ed25f65b17483f9b0d8b25ad 30564 libs optional libpoppler-cpp0v5_0.62.0-2ubuntu2.9_i386.deb d3ba0f112990e5f4f487bb59858d1937 4604 libdevel optional libpoppler-dev_0.62.0-2ubuntu2.9_i386.deb 42177e0245c9fc73e1a591abfe7d5cb3 47724 libdevel optional libpoppler-glib-dev_0.62.0-2ubuntu2.9_i386.deb cf4f1dfcf6cb917edf0fa29fab0f52ae 810460 debug optional libpoppler-glib8-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 7da1262a89c97bb967eb726f09bd5889 114020 libs optional libpoppler-glib8_0.62.0-2ubuntu2.9_i386.deb 6dce049ed95f55c67d301ac339cfb29d 169076 libdevel optional libpoppler-private-dev_0.62.0-2ubuntu2.9_i386.deb a0bc61d913f2365f9cafa2e7c5a79400 2784968 debug optional libpoppler-qt5-1-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb 152ce87a5693a551d7892f7e1d5947c3 155200 libs optional libpoppler-qt5-1_0.62.0-2ubuntu2.9_i386.deb 94687e0816daabf3f6f0fcf3b52e1439 32296 libdevel optional libpoppler-qt5-dev_0.62.0-2ubuntu2.9_i386.deb 6368846278091f0fa7c00a0558c543da 2662592 debug optional libpoppler73-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb bf6d19c3cec1855d548c079d62f79456 832288 libs optional libpoppler73_0.62.0-2ubuntu2.9_i386.deb 4ab50c17817f03bf5ffdfd39a57c6dbe 1086920 debug optional poppler-utils-dbgsym_0.62.0-2ubuntu2.9_i386.ddeb e2a7569b8b455e19356773556b9de4ed 158312 utils optional poppler-utils_0.62.0-2ubuntu2.9_i386.deb e4d2c4d2c2d22cc065f47d51057ac063 18985 devel optional poppler_0.62.0-2ubuntu2.9_i386.buildinfo Original-Maintainer: Debian freedesktop.org maintainers