libpoppler0c2: source taken from xpdf may introduce heap-overflow vulnerabilities
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
poppler (Debian) |
Fix Released
|
Unknown
|
|||
poppler (Ubuntu) |
Fix Released
|
High
|
Martin Pitt |
Bug Description
Automatically imported from Debian bug report #342288 http://
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#1 |
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#2 |
clone 342281 -1 -2 -3
reassign -1 gpdf
retitle -1 gpdf: source taken from xpdf may introduce heap-overflow vulnerabilities
reassign -2 kpdf
retitle -2 kpdf: source taken from xpdf may introduce heap-overflow vulnerabilities
reassign -3 libpoppler0c2
retitle -3 libpoppler0c2: source taken from xpdf may introduce heap-overflow vulnerabilities
stop
Following the news at heise.de
(http://
gpdf and the poppler library could be or are affected too. Please test,
if this is true.
Regards, Daniel
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #3 |
Automatically imported from Debian bug report #342288 http://
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #4 |
Message-Id: <email address hidden>
Date: Wed, 07 Dec 2005 06:42:55 +1100
From: Paul Szabo <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: xpdf-reader: security issues by iDefense
Package: xpdf-reader
Version: 3.00-13
Severity: critical
Justification: causes serious data loss
Arbitrary code execution (with privileges as user of package) issues
reported by iDefense:
Multiple Vendor xpdf DCTStream Baseline Heap Overflow Vulnerability
Multiple Vendor xpdf DCTStream Progressive Heap Overflow
Multiple Vendor xpdf StreamPredictor Heap Overflow Vulnerability
Multiple Vendor xpdf JPX Stream Reader Heap Overflow Vulnerability
http://
http://
http://
http://
(Debian, both woody and sarge, is specifically mentioned as vulnerable.)
Reported also on public mailing lists, see
http://
http://
Upstream/vendor patches are apparently available.
Cheers,
Paul Szabo <email address hidden> http://
School of Mathematics and Statistics University of Sydney Australia
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-spm0.5
Locale: LANG=C, LC_CTYPE=C (charmap=
Versions of packages xpdf-reader depends on:
ii gsfonts 8.14+v8.11+urw-0.2 Fonts for the Ghostscript interpre
ii lesstif2 1:0.93.94-11.4 OSF/Motif 2.1 implementation relea
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libfreetype6 2.1.7-2.4 FreeType 2 font engine, shared lib
ii libgcc1 1:3.4.3-13 GCC support library
ii libice6 4.3.0.dfsg.
ii libpaper1 1.1.14-3 Library for handling paper charact
ii libsm6 4.3.0.dfsg.
ii libstdc++5 1:3.3.5-13 The GNU Standard C++ Library v3
ii libt1-5 5.0.2-3 Type 1 font rasterizer library - r
ii libx11-6 4.3.0.dfsg.
ii libxext6 4.3.0.dfsg.
ii libxp6 4.3.0.dfsg.
ii libxpm4 4.3.0.dfsg.
ii libxt6 4.3.0.dfsg.
ii xlibs 4.3.0.dfsg.
ii xpdf-common 3.00-13 Portable Document Format (PDF) sui
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime
-- no debconf information
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #5 |
Message-Id: <email address hidden>
Date: Tue, 6 Dec 2005 12:07:45 -0800
From: Steve Langasek <email address hidden>
To: <email address hidden>
Subject: severity of 342281 is grave
# Automatically generated email from bts, devscripts version 2.9.9
severity 342281 grave
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #6 |
Message-Id: <1133902712.
Date: Tue, 06 Dec 2005 21:58:32 +0100
From: Daniel Leidert <email address hidden>
To: <email address hidden>, <email address hidden>
Subject: gpdf, kpdf and poppler could be affected too
clone 342281 -1 -2 -3
reassign -1 gpdf
retitle -1 gpdf: source taken from xpdf may introduce heap-overflow vulnerabilities
reassign -2 kpdf
retitle -2 kpdf: source taken from xpdf may introduce heap-overflow vulnerabilities
reassign -3 libpoppler0c2
retitle -3 libpoppler0c2: source taken from xpdf may introduce heap-overflow vulnerabilities
stop
Following the news at heise.de
(http://
gpdf and the poppler library could be or are affected too. Please test,
if this is true.
Regards, Daniel
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#7 |
tags 342288 security
thanks
Hi,
I can confirm that poppler is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #8 |
Message-ID: <email address hidden>
Date: Tue, 6 Dec 2005 23:07:40 +0100
From: Moritz Muehlenhoff <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: poppler confirmed vulnerable to latest xpdf issues
tags 342288 security
thanks
Hi,
I can confirm that poppler is vulnerable to all the latest xpdf vulnerabilities,
please mention the CVE mappings from the iDefense advisories in the changelog
when fixing this.
Cheers,
Moritz
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#9 |
Hi!
I'm currently preparing Ubuntu security updates for these issues, and
I noticed that the upstream provided patch is wrong. I sent the mail
below to upstream (and some others).
Can you please check that you indeed fixed (tetex-bin)/will fix
(poppler) DCTStream:
Thanks,
Martin
----- Forwarded message from Martin Pitt <email address hidden> -----
From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>, Dirk Mueller <email address hidden>
Subject: Re: [vendor-sec] xpdf update - patch wrong?
Mail-Followup-To: <email address hidden>, <email address hidden>,
Dirk Mueller <email address hidden>
Date: Thu, 8 Dec 2005 11:20:37 +0100
X-Spam-Status: No, score=1.0 required=4.0 tests=AWL,BAYES_50,
RCVD_IN_
Hi Derek, hi Dirk, hi Vendor-Sec!
Josh Bressers [2005-12-06 13:50 -0500]:
> In the event any of you missed this:
>
> http://
> http://
It seems that the patch linked from these advisories [1] is a little
bit flawed: it checks numComps twice in DCTStream:
but does not check it in DCTStream:
It *seems* that KDE spotted and removed the double check in their
kdegraphics patch [2], but unless they removed
DCTStream:
check yet), these patches now have the same flaw.
Thanks,
Martin
[1] ftp://ftp.
[2] ftp://ftp.
--
Martin Pitt http://
Ubuntu Developer http://
Debian Developer http://
In a world without walls and fences, who needs Windows and Gates?
----- End forwarded message -----
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #10 |
Message-ID: <email address hidden>
Date: Thu, 8 Dec 2005 12:21:57 +0100
From: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>
Subject: Fwd: Re: [vendor-sec] xpdf update - patch wrong?
--Dzs2zDY0zgkG72+7
Content-Type: text/plain; charset=us-ascii
Content-
Content-
Hi!
I'm currently preparing Ubuntu security updates for these issues, and
I noticed that the upstream provided patch is wrong. I sent the mail
below to upstream (and some others).
Can you please check that you indeed fixed (tetex-bin)/will fix
(poppler) DCTStream:
Thanks,
Martin
----- Forwarded message from Martin Pitt <email address hidden> -----
=46rom: Martin Pitt <email address hidden>
To: <email address hidden>, <email address hidden>, Dirk Mueller <email address hidden>
Subject: Re: [vendor-sec] xpdf update - patch wrong?
Mail-Followup-To: <email address hidden>, <email address hidden>,
Dirk Mueller <email address hidden>
Date: Thu, 8 Dec 2005 11:20:37 +0100
X-Spam-Status: No, score=3D1.0 required=3D4.0 tests=3DAWL,
RCVD_IN_
Hi Derek, hi Dirk, hi Vendor-Sec!
Josh Bressers [2005-12-06 13:50 -0500]:
> In the event any of you missed this:
>=20
> http://
lities
> http://
lities
It seems that the patch linked from these advisories [1] is a little
bit flawed: it checks numComps twice in DCTStream:
but does not check it in DCTStream:
It *seems* that KDE spotted and removed the double check in their
kdegraphics patch [2], but unless they removed
DCTStream:
check yet), these patches now have the same flaw.
Thanks,
Martin
[1] ftp://ftp.
[2] ftp://ftp.
005-3193.diff
--=20
Martin Pitt http://
Ubuntu Developer http://
Debian Developer http://
In a world without walls and fences, who needs Windows and Gates?
----- End forwarded message -----
--Dzs2zDY0zgkG72+7
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDmBdVDec
PNLCquUaYwRRfhC
=JqTt
-----END PGP SIGNATURE-----
--Dzs2zDY0zgkG7
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#11 |
tag 342288 patch
thanks
Hi!
We found more flaws in upstream's xpdf patch, it checked
multiplication overflows *after* the overflow occured, which is not
valid.
The current patch
http://
checks multiplication overflows properly and also adds the two
missing numComps checks that are missing in xpdf upstream's patch.
Thanks,
Martin
--
Martin Pitt http://
Ubuntu Developer http://
Debian Developer http://
In a world without walls and fences, who needs Windows and Gates?
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #12 |
Message-ID: <email address hidden>
Date: Mon, 12 Dec 2005 11:03:02 +0100
From: Martin Pitt <email address hidden>
To: <email address hidden>
Cc: <email address hidden>
Subject: Ubuntu security patch
--A6N2fC+uXW/VQSAv
Content-Type: text/plain; charset=us-ascii
Content-
Content-
tag 342288 patch
thanks
Hi!
We found more flaws in upstream's xpdf patch, it checked
multiplication overflows *after* the overflow occured, which is not
valid.
The current patch
http://
checks multiplication overflows properly and also adds the two
missing numComps checks that are missing in xpdf upstream's patch.
Thanks,
Martin
--=20
Martin Pitt http://
Ubuntu Developer http://
Debian Developer http://
In a world without walls and fences, who needs Windows and Gates?
--A6N2fC+uXW/VQSAv
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDnUrWDec
zq9Q4slfHUmuRr/
=i2Iv
-----END PGP SIGNATURE-----
--A6N2fC+
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Martin Pitt (pitti) wrote : | #13 |
fixed in USN-227-1, dapper was fixed as well.
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#14 |
Hi,
since this bug has been open for quite a while, I'm currently preparing
an NMU for this bug, using the attached patch. I'm going to upload it
without a delay.
Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #15 |
Message-ID: <email address hidden>
Date: Fri, 23 Dec 2005 16:50:21 +0100
From: =?iso-8859-
To: <email address hidden>
Subject: NMU for this bug
--=-=-=
Content-Type: text/plain; charset=iso-8859-1
Content-
Hi,=20
since this bug has been open for quite a while, I'm currently preparing
an NMU for this bug, using the attached patch. I'm going to upload it
without a delay.
Regards, Frank
--=20
Frank K=FCster
Inst. f. Biochemie der Univ. Z=FCrich
Debian Developer
--=-=-=
Content-Type: text/x-patch; charset=iso-8859-1
Content-
Content-
diff -Nur poppler-
--- poppler-
+++ poppler-
@@ -1,3 +1,26 @@
+poppler (0.4.2-1.1) unstable; urgency=3Dhigh
+
+ * SECURITY UPDATE: Multiple integer/buffer overflows.
+
+ * NMU to fix RC security bug (closes: #342288)
+ * Add debian/
+ thanks to Martin Pitt:
+ * poppler/Stream.cc, DCTStream:
+ DCTStream:
+ - Check numComps for invalid values.
+ - http://
erabilities
+ - CVE-2005-3191
+ * poppler/Stream.cc, StreamPredictor
+ - Check rowBytes for invalid values.
+ - http://
erabilities
+ - CVE-2005-3192
+ * poppler/
+ - Check img.nXTiles * img.nYTiles for integer overflow.
+ - http://
nerabilities
+ - CVE-2005-3193
+
+ -- Frank K=FCster <email address hidden> Fri, 23 Dec 2005 16:36:30 +0100
+
poppler (0.4.2-1) unstable; urgency=3Dlow
=20
* GNOME Team upload.
diff -Nur poppler-
.4.2.new/
--- poppler-
0:00.000000000 +0100
+++ poppler-
16:15:37.000000000 +0100
@@ -0,0 +1,156 @@
+diff -Nur poppler-
Stream.cc
+--- poppler-
++++ poppler-
0100
+@@ -7,6 +7,7 @@
+ //=3D=3D=
=3D=3D=
=3D=3D=
+=20
+ #include <config.h>
++#include <limits.h>
+=20
+ #ifdef USE_GCC_PRAGMAS
+ #pragma implementation
+@@ -666,7 +667,7 @@
+ int segType;
+ GBool haveSIZ, haveCOD, haveQCD, haveSOT;
+ Guint precinctSize, style;
+- Guint segLen, capabilities, comp, i, j, r;
++ Guint segLen, capabilities, nT...
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#16 |
tag 342288 + fixed
quit
This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 23 Dec 2005 16:36:30 +0100
Source: poppler
Binary: libpoppler-glib-dev libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source i386
Version: 0.4.2-1.1
Distribution: unstable
Urgency: high
Maintainer: Changwoo Ryu <email address hidden>
Changed-By: Frank Küster <email address hidden>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-
libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
libpoppler0c2 - PDF rendering library
libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
Closes: 342288
Changes:
poppler (0.4.2-1.1) unstable; urgency=high
.
* SECURITY UPDATE: Multiple integer/buffer overflows.
.
* NMU to fix RC security bug (closes: #342288)
* Add debian/
thanks to Martin Pitt:
* poppler/Stream.cc, DCTStream:
DCTStream:
- Check numComps for invalid values.
- http://
- CVE-2005-3191
* poppler/Stream.cc, StreamPredictor
- Check rowBytes for invalid values.
- http://
- CVE-2005-3192
* poppler/
- Check img.nXTiles * img.nYTiles for integer overflow.
- http://
- CVE-2005-3193
Files:
fa5985bf510c5d
384879819f5e5d
0247cf16c73b8b
beaa0aa70ca971
78fc2dcc40d9e3
c5234e6480d01d
a1c780d7a092ae
48fafdd9dea81c
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDrB+
pxGJG86s2jzHK+
=sW6p
-----END PGP SIGNATURE-----
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #17 |
Message-Id: <email address hidden>
Date: Sat, 24 Dec 2005 01:32:07 -0800
From: =?utf-8?
To: <email address hidden>
Cc: =?utf-8?
Subject: Fixed in NMU of poppler 0.4.2-1.1
tag 342288 + fixed
quit
This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 23 Dec 2005 16:36:30 +0100
Source: poppler
Binary: libpoppler-glib-dev libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source i386
Version: 0.4.2-1.1
Distribution: unstable
Urgency: high
Maintainer: Changwoo Ryu <email address hidden>
Changed-By: Frank Küster <email address hidden>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-
libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
libpoppler0c2 - PDF rendering library
libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
Closes: 342288
Changes:
poppler (0.4.2-1.1) unstable; urgency=high
.
* SECURITY UPDATE: Multiple integer/buffer overflows.
.
* NMU to fix RC security bug (closes: #342288)
* Add debian/
thanks to Martin Pitt:
* poppler/Stream.cc, DCTStream:
DCTStream:
- Check numComps for invalid values.
- http://
- CVE-2005-3191
* poppler/Stream.cc, StreamPredictor
- Check rowBytes for invalid values.
- http://
- CVE-2005-3192
* poppler/
- Check img.nXTiles * img.nYTiles for integer overflow.
- http://
- CVE-2005-3193
Files:
fa5985bf510c5d
384879819f5e5d
0247cf16c73b8b
beaa0aa70ca971
78fc2dcc40d9e3
c5234e6480d01d
a1c780d7a092ae
48fafdd9dea81c
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDrB+
pxGJG86s2jzHK+
=sW6p
-----END PGP SIGNATURE-----
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
|
#18 |
Source: poppler
Source-Version: 0.4.3-1
We believe that the bug you reported is fixed in the latest version of
poppler, which is due to be installed in the Debian FTP archive:
libpoppler-
to pool/main/
libpoppler-
to pool/main/
libpoppler-
to pool/main/
libpoppler0c2-
to pool/main/
libpoppler0c2-
to pool/main/
libpoppler0c2_
to pool/main/
poppler-
to pool/main/
poppler_
to pool/main/
poppler_0.4.3-1.dsc
to pool/main/
poppler_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
OndÅej Surý <email address hidden> (supplier of updated poppler package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 30 Dec 2005 11:34:07 +0100
Source: poppler
Binary: libpoppler-glib-dev poppler-utils libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source i386
Version: 0.4.3-1
Distribution: unstable
Urgency: high
Maintainer: OndÅej Surý <email address hidden>
Changed-By: OndÅej Surý <email address hidden>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-
libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
libpoppler0c2 - PDF rendering library
libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
poppler-utils - PDF utilitites (based on libpoppler)
Closes: 314556 322964 328211 330544 342288 344738
Changes:
poppler (0.4.3-1) unstable; urgency=high
.
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
* Fixed some rendering bugs and disabled Cairo output
(Closes: #314556, #322964, #328211)
* Acknowledge NMU (Closes: #342288)
* Add 001-selection-
* Add poppler-utils (merge patch from Ubuntu)
Files:
2c34a504743936
791dc78d8366eb
f32ec16c14fe8f
![](/+icing/build/overlay/assets/skins/sam/images/close.gif)
Debian Bug Importer (debzilla) wrote : | #19 |
Message-Id: <email address hidden>
Date: Fri, 30 Dec 2005 09:37:56 -0800
From: =?utf-8?
To: <email address hidden>
Subject: Bug#342288: fixed in poppler 0.4.3-1
Source: poppler
Source-Version: 0.4.3-1
We believe that the bug you reported is fixed in the latest version of
poppler, which is due to be installed in the Debian FTP archive:
libpoppler-
to pool/main/
libpoppler-
to pool/main/
libpoppler-
to pool/main/
libpoppler0c2-
to pool/main/
libpoppler0c2-
to pool/main/
libpoppler0c2_
to pool/main/
poppler-
to pool/main/
poppler_
to pool/main/
poppler_0.4.3-1.dsc
to pool/main/
poppler_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ondřej Surý <email address hidden> (supplier of updated poppler package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 30 Dec 2005 11:34:07 +0100
Source: poppler
Binary: libpoppler-glib-dev poppler-utils libpoppler0c2-qt libpoppler-qt-dev libpoppler-dev libpoppler0c2-glib libpoppler0c2
Architecture: source i386
Version: 0.4.3-1
Distribution: unstable
Urgency: high
Maintainer: Ondřej Surý <email address hidden>
Changed-By: Ondřej Surý <email address hidden>
Description:
libpoppler-dev - PDF rendering library -- development files
libpoppler-
libpoppler-qt-dev - PDF rendering library -- development files (Qt interface)
libpoppler0c2 - PDF rendering library
libpoppler0c2-glib - PDF rendering library (GLib-based shared library)
libpoppler0c2-qt - PDF rendering library (Qt-based shared library)
poppler-utils - PDF utilitites (based on libpoppler)
Closes: 314556 322964 328211 330544 342288 344738
Changes:
poppler (0.4.3-1) unstable; urgency=high
.
* New upstream release.
* New maintainer (Closes: #344738)
* CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
* Fixed some rendering bugs and disabled Cairo output
(Closes: #314556, #322964, #328211)
* Acknowledge NMU (Closes: #342288)
* Add 001-selection-
* Add poppler-utils (merge patch from Ubuntu)
Files:
...
# Automatically generated email from bts, devscripts version 2.9.9
severity 342281 grave