Subject: CVS commit: pkgsrc/print/poppler
To: None <pkgsrc-changes@NetBSD.org>
From: Jeremy C. Reed <reed@netbsd.org>
List: pkgsrc-changes
Date: 01/11/2006 16:10:11
Module Name: pkgsrc
Committed By: reed
Date: Wed Jan 11 16:10:11 UTC 2006
Modified Files:
pkgsrc/print/poppler: Makefile distinfo
Log Message:
Update to poppler-0.4.4.
From ChangeLog:
2006-01-10 Kristian Høgsberg <krh@redhat.com>
* configure.ac: Bump realease to 0.4.4.
* NEWS: Sum up changes.
* poppler/DCTStream.cc: Backport patch for KDE #119569.
2006-01-10 Kristian Høgsberg <krh@redhat.com>
Security patch from Martin Pitt (#5516). Multiple integer/buffer
overflows.
* poppler/Stream.cc (CCITTFaxStream::CCITTFaxStream): Check
columns for negative or large values (CVE-2005-3624).
* poppler/Stream.cc: Reset numComps to 0 since it's a global
variable that is used later (CVE-2005-3627).
* poppler/Stream.cc (DCTStream::readHuffmanTables): Fix out of
bounds array access in Huffman tables (CVE-2005-3627).
* poppler/Stream.cc (DCTStream::readMarker): Check for EOF in
while loop to prevent endless loops (CVE-2005-3625).
* poppler/JBIG2Stream.cc (JBIG2Bitmap::JBIG2Bitmap,
JBIG2Bitmap::expand, JBIG2Stream::readHalftoneRegionSeg): Check
user supplied width and height against invalid values. Allocate
one extra byte to prevent out of bounds access in combine().
2006-01-10 Kristian Høgsberg <krh@redhat.com>
* poppler/Stream.cc: Fix bug in last security patch (#5514).
Also, for the record, the security patch also fixes CVE-2005-3192
and CVE-2005-3193.
2005-12-18 Albert Astals Cid <aacid@kde.org>
* configure.ac: Better jpeg detection, refer to ml PCbsd problem
* qt/Makefile.am: Backport fix build on systems where fontconfig is
not on /usr/include
To generate a diff of this commit:
cvs rdiff -r1.6 -r1.7 pkgsrc/print/poppler/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/print/poppler/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.