Format: 1.8 Date: Wed, 26 Jun 2019 07:16:49 -0400 Source: poppler Binary: gir1.2-poppler-0.18 libpoppler-cpp-dev libpoppler-cpp0v5 libpoppler-dev libpoppler-glib-dev libpoppler-glib8 libpoppler-private-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler85 poppler-utils Architecture: arm64 Version: 0.74.0-0ubuntu1.2 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: gir1.2-poppler-0.18 - GObject introspection data for poppler-glib libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface) libpoppler-cpp0v5 - PDF rendering library (CPP shared library) libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib8 - PDF rendering library (GLib-based shared library) libpoppler-private-dev - PDF rendering library -- private development files libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library) libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface) libpoppler85 - PDF rendering library poppler-utils - PDF utilities (based on Poppler) Changes: poppler (0.74.0-0ubuntu1.2) disco-security; urgency=medium . * SECURITY UPDATE: DoS via crafted PDF file - debian/patches/CVE-2018-20662.patch: check XRef's Catalog for being a Dict in utils/pdfunite.cc. - CVE-2018-20662 * SECURITY UPDATE: buffer underwrite in ImageStream::getLine() - debian/patches/CVE-2019-9200.patch: add check to poppler/Stream.cc. - CVE-2019-9200 * SECURITY UPDATE: buffer over-read in downsample_row_box_filter - debian/patches/CVE-2019-9631-1.patch: compute correct coverage values for box filter in poppler/CairoRescaleBox.cc. - debian/patches/CVE-2019-9631-2.patch: constrain number of cycles in rescale filter in poppler/CairoRescaleBox.cc. - CVE-2019-9631 * SECURITY UPDATE: dict marking mishandling - debian/patches/CVE-2019-9903.patch: fix stack overflow on broken file in poppler/PDFDoc.cc. - CVE-2019-9903 * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2019-10872.patch: restrict filling of overlapping boxes in splash/Splash.cc. - CVE-2019-10872 * SECURITY UPDATE: NULL pointer dereference in SplashClip::clipAALine - debian/patches/CVE-2019-10873.patch: make sure the index of allIntersections we access is valid in splash/SplashXPathScanner.cc. - CVE-2019-10873 * SECURITY UPDATE: buffer over-read in JPXStream::init - debian/patches/CVE-2019-12293.patch: fail gracefully if not all components have the same WxH in poppler/JPEG2000Stream.cc. - CVE-2019-12293 Checksums-Sha1: e0e780bcbc1b4e9446d4d21c92737af4e96a42fa 19704 gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_arm64.deb b4c70f3c472b6799f621033446f765b075c6b8fb 10116 libpoppler-cpp-dev_0.74.0-0ubuntu1.2_arm64.deb d2d8f82834fae2801eadff05659fd622af9e210f 882300 libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 979941141481c44250cbd5ab313a851214e3727e 34072 libpoppler-cpp0v5_0.74.0-0ubuntu1.2_arm64.deb 2a8eec5c3a82816d8a2c089c55d1bacfd8613eb1 5108 libpoppler-dev_0.74.0-0ubuntu1.2_arm64.deb a87d3673f017c3549ca94af9c38033bec5cb9562 57808 libpoppler-glib-dev_0.74.0-0ubuntu1.2_arm64.deb 17440e45171609da4749e425587c7d06d92320e5 1690752 libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 3a061e4870b424de49235d208266f9e830d11982 96696 libpoppler-glib8_0.74.0-0ubuntu1.2_arm64.deb b6e794c22d8a36054ba0d6421a2dbc37ba79397d 174228 libpoppler-private-dev_0.74.0-0ubuntu1.2_arm64.deb e70b61b1b3d3548b3a4423b68bd7818445957bbc 4615260 libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 5c08c74cb1c3b57d9a4b56d52c33ee8fd9163ebd 136032 libpoppler-qt5-1_0.74.0-0ubuntu1.2_arm64.deb 366b585b39779e6a0fc7c8a70b43ec06433ead41 34764 libpoppler-qt5-dev_0.74.0-0ubuntu1.2_arm64.deb dc4da9817dc1a4c91e7dd926793656af382bcad1 7766844 libpoppler85-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 020bd98a6958dd111fadc3ffc60fee4f32f624ac 824420 libpoppler85_0.74.0-0ubuntu1.2_arm64.deb 5ae3a29039c6fde0eac85cc615965624b37b2316 2960152 poppler-utils-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb fd9540c2aeddbcfd4a8d1c7daa2712571c49a5cf 153736 poppler-utils_0.74.0-0ubuntu1.2_arm64.deb 4413b203507dfa35683df16fc87653f564ba045e 18583 poppler_0.74.0-0ubuntu1.2_arm64.buildinfo Checksums-Sha256: c4c90acf28436acd19c8b4d546dd243d9aef54f17e1756f6d0881d2db643efbe 19704 gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_arm64.deb 9c59047312187a662d3af5361a3948c183a9c2dee65ae8084814568aadc77a45 10116 libpoppler-cpp-dev_0.74.0-0ubuntu1.2_arm64.deb 118b836cd63144077e7e9ceabb18375e72b516570aa58865ff184c716548b39d 882300 libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 3f7ebd0981e41c31dbb3d563a46560a5f57ba050f71fdaa9d6dfa674f7baf2b8 34072 libpoppler-cpp0v5_0.74.0-0ubuntu1.2_arm64.deb 9683f48dce93081af4861619964839987d0713de98f0dba88186bc71446052e0 5108 libpoppler-dev_0.74.0-0ubuntu1.2_arm64.deb a0a94382dedd03daefab37bc9052fed7606e8c68b7311d93facddf010464d18d 57808 libpoppler-glib-dev_0.74.0-0ubuntu1.2_arm64.deb 939cae9084e27e899384fd0b8b9b84e072ec4ff88d4739d61527cb492ff81d76 1690752 libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 44ccc6c10a3bbcd63358bb97710e85f0431bfd45f0b0c1b167d9d871cfef47ee 96696 libpoppler-glib8_0.74.0-0ubuntu1.2_arm64.deb 13d35ff94bbb9044386d670aa15c992185110be068d999d42b8ffbcadece8c00 174228 libpoppler-private-dev_0.74.0-0ubuntu1.2_arm64.deb adb5597ea5622836e442dbdbca75aebbe2aa72168e2dd170df09d9fd767953fd 4615260 libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 7240e2d60852148b4992c879aeb91be92451707a79a6b381faaa6e5495cb098a 136032 libpoppler-qt5-1_0.74.0-0ubuntu1.2_arm64.deb 3ac4282841cb1dab379065e17b882c12ed373a1b7a74700dcd5b2c924f7655b2 34764 libpoppler-qt5-dev_0.74.0-0ubuntu1.2_arm64.deb 4c224de0772aea9be560c7118e30c1fa4b618cd8664edaf0ee193ccb2b8ed2b8 7766844 libpoppler85-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb e2bc3e326dc60ba6296353aacd4bf6a78425dc5bf5e585c5a3cc73c72b4ed783 824420 libpoppler85_0.74.0-0ubuntu1.2_arm64.deb 6f17d7a8c09161c425c98751fa3b82929c28e1638d9a21a84a44c4e23ad50c43 2960152 poppler-utils-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 4bb64efaeef7cab25373eab34fd5f9782bc52b79d0b9b73b83b7b2e0eb27f1c0 153736 poppler-utils_0.74.0-0ubuntu1.2_arm64.deb 10421c977fe1c11bc6eeb05e32abb2cd4cdec39b3635e263556503365c03fc18 18583 poppler_0.74.0-0ubuntu1.2_arm64.buildinfo Files: b761affbcef728c7ec5d7e5ad7643bf5 19704 introspection optional gir1.2-poppler-0.18_0.74.0-0ubuntu1.2_arm64.deb 19f85e0a8f8d21eb185cff849dc7798d 10116 libdevel optional libpoppler-cpp-dev_0.74.0-0ubuntu1.2_arm64.deb c3c99ec7dc6b8ba27910295bf7a23309 882300 debug optional libpoppler-cpp0v5-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 82558bfa96b0f79c44db084af7b901ee 34072 libs optional libpoppler-cpp0v5_0.74.0-0ubuntu1.2_arm64.deb 0f7c9f91468453663db7d7c7003dd776 5108 libdevel optional libpoppler-dev_0.74.0-0ubuntu1.2_arm64.deb ef0808ea047bb5ea2f3bc68437baccf1 57808 libdevel optional libpoppler-glib-dev_0.74.0-0ubuntu1.2_arm64.deb 9f3cbe4a1d4789343f02ad3b646f2b52 1690752 debug optional libpoppler-glib8-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb d6927c779b6f30c88e34efa48623ee60 96696 libs optional libpoppler-glib8_0.74.0-0ubuntu1.2_arm64.deb 32e72be56fdba0eb789cc9a759f7900c 174228 libdevel optional libpoppler-private-dev_0.74.0-0ubuntu1.2_arm64.deb 3b3c0b60fcfece5cb18b82f3aa90eb59 4615260 debug optional libpoppler-qt5-1-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb b692a3de9437e3b65261c9875f693ab8 136032 libs optional libpoppler-qt5-1_0.74.0-0ubuntu1.2_arm64.deb 66b6685e5c7f7f635ac08a4bf274ff60 34764 libdevel optional libpoppler-qt5-dev_0.74.0-0ubuntu1.2_arm64.deb cd025a30fc7ff5a1542d53bd02e51471 7766844 debug optional libpoppler85-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb 731f95a36175ea8bbbc7296e78fb8e5b 824420 libs optional libpoppler85_0.74.0-0ubuntu1.2_arm64.deb 7c56a25020faa7001a0b9496ace062c1 2960152 debug optional poppler-utils-dbgsym_0.74.0-0ubuntu1.2_arm64.ddeb a02c6af2a8bd3001376a26950501bd7e 153736 utils optional poppler-utils_0.74.0-0ubuntu1.2_arm64.deb 03c070069873cc45c71a7656260fbf18 18583 devel optional poppler_0.74.0-0ubuntu1.2_arm64.buildinfo Original-Maintainer: Debian freedesktop.org maintainers