Please backport pdfedit v0.4.1 fom intrepid to hardy

Bug #240427 reported by Thomas Winteler (Win-Soft) on 2008-06-16
258
Affects Status Importance Assigned to Milestone
Hardy Backports
Wishlist
Unassigned
pdfedit (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: pdfedit

hi all

on the current kubuntu hardy version there is only the pdfedit version 0.3.2 in the repos... please include the latest version of pdfedit v0.4.1.

my current system:

lsb_release -rd
Description: Ubuntu 8.04
Release: 8.04

apt-cache policy pdfedit
pdfedit:
  Installed: 0.3.2-5ubuntu2
  Candidate: 0.3.2-5ubuntu2
  Version table:
 *** 0.3.2-5ubuntu2 0
        500 http://ch.archive.ubuntu.com hardy/universe Packages
        100 /var/lib/dpkg/status

thanks
thomi

Changed in pdfedit:
status: New → Invalid
status: Invalid → New
status: New → Invalid
h1repp (heinz-repp) on 2008-07-15
description: updated
h1repp (heinz-repp) wrote :

Hello,

I just want to second this request and present further details why it would be worthy:

pdfedit is unrivaled when it comes to editing a pdf without any conversion to another format, doing all the work with the pdf objects themself.

The new version 0.4.1 has some major enhancements and security fixes as compared to the 0.3.2 that is in hardy repositories. The most significant part is that the version of xpdf that is compiled statically into the executable is so much newer, the one in the repositories is still vulnerable to the xpdf exploit from 2007. I quote from the version 0.4.0 announcement::

- many bug fixes (see Changelog) some of them security related.
- last 3.02 xpdf code base imported to the tree. This bring
some new features like anti-aliasing for vectored graphics,
support for PDF 1.6, 1.7 specification, security fixes and
many others (see src/xpdf/CHANGES for complete changelog)

Regarding hardy's LTS status it would be great if users had an option not to stick with its vulnerable version unable to work with newer pdfs for the next years.

Thank you

h1repp

description: updated

I'm confirming this one. pdfedit builds, installs, and runs without changes on Hardy.

Version tested: 0.4.1-2

Changed in hardy-backports:
importance: Undecided → Wishlist
status: New → Triaged
Scott Kitterman (kitterman) wrote :

Ack from ubuntu-backporters. Note that if there are security fixes in this release, someone ought to go see about getting those in the release version.

Changed in hardy-backports:
status: Triaged → In Progress
Colin Watson (cjwatson) wrote :

I'm reopening the pdfedit task for the security concern, and I'll flag this as a security vulnerability to bring it to the attention of the security team.

Changed in pdfedit:
status: Invalid → New
Colin Watson (cjwatson) wrote :

 * Trying to backport pdfedit...
  - <pdfedit_0.4.1-2.dsc: downloading from librarian>
  - <pdfedit_0.4.1-2.diff.gz: downloading from librarian>
  - <pdfedit_0.4.1.orig.tar.gz: downloading from librarian>
I: Extracting pdfedit_0.4.1-2.dsc ... done.
I: Building backport of pdfedit-0.4.1 as 0.4.1-2~hardy1 ... done.

Changed in hardy-backports:
status: In Progress → Fix Released
csola48 (mail-csordaslaszlo) wrote :

From where can be downloaded: pdfedit-0.4.1 as 0.4.1-2~hardy1?
Thx,
warp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://help.ubuntu.com/community/UbuntuBackports - Follow the
instructions on How to Enable Backports

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: http://getfiregpg.org

iEYEARECAAYFAki9BmYACgkQpblTBJ2i2psgZQCfbKHsaPrtI77syzuPU6irWLSZ
SesAnRFJ9uHEf6tJr3cZN7t+cArrMB2C
=uhas
-----END PGP SIGNATURE-----

On Tue, Sep 2, 2008 at 5:11 AM, warp <email address hidden> wrote:
> >From where can be downloaded: pdfedit-0.4.1 as 0.4.1-2~hardy1?
> Thx,
> warp
>
> --
> Please backport pdfedit v0.4.1 fom intrepid to hardy
> https://bugs.launchpad.net/bugs/240427
> You received this bug notification because you are a member of Ubuntu
> Backports Testing Team, which is subscribed to Hardy Backports.
>

Enable the hardy-backports repository and then install/upgrade as you would
any Ubuntu package.

Hello all

thanks to Colin Watson and all other for this...

have a nice day...

greetings from switzerland
thomi

Kees Cook (kees) on 2009-01-24
Changed in pdfedit:
status: New → Confirmed
Przemek K. (azrael) on 2009-12-21
Changed in pdfedit (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers