pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/print/qpdf



Module Name:    pkgsrc
Committed By:   ryoon
Date:           Thu Sep 28 12:50:36 UTC 2017

Modified Files:
        pkgsrc/print/qpdf: Makefile distinfo

Log Message:
Update to 7.0.0

Changelog:
2017-09-15  Jay Berkenbilt  <ejb%ql.org@localhost>

        * 7.0.0: release

2017-09-12  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Relicense qpdf under version 2.0 of the Apache License rather
        than version 2.0 of the Artistic License. Both are fine, but the
        Apache License is in more widespread use, and I like it a little
        better than Artistic-2.0. It is my intention that there be no
        change in what you can or can't do with qpdf. Versions of qpdf
        prior to version 7 were released under the terms of version 2.0 of
        the Artistic License. At your option, you may continue to consider
        qpdf to be licensed under those terms. Please see the manual for
        additional information.

        * Improve the error message that is issued when QPDFWriter
        encounters a stream that can't be decoded. In particular, mention
        that the stream will be copied without filtering to avoid data
        loss.

        * Add new methods to the C API to correspond to new additions to
        QPDFWriter:
        - qpdf_set_compress_streams
        - qpdf_set_decode_level
        - qpdf_set_preserve_unreferenced_objects
        - qpdf_set_newline_before_endstream

2017-08-25  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Re-implement parser iteratively to avoid stack overflow on very
        deeply nested arrays and dictionaries. Fixes #146.

        * Detect infinite loop while finding additional xref tables. Fixes
        #149.

2017-08-22  Jay Berkenbilt  <ejb%ql.org@localhost>

        * 7.0.b1: release

        * Convert all README files to markdown. Names changed as follows:
          - README --> README.md
          - README.hardening --> README-hardening.md
          - README.maintainer --> README-maintainer.md
          - README-what-to-download.txt --> README-what-to-download.md
          - README-windows.txt --> README-windows.md
          The file README-windows-install.txt remains a text file.

2017-08-21  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Add support for writing PCLm files. Most of the work was done by
        Sahil Arora <sahilarora.535%gmail.com@localhost> as part of a Google Summer
        of Code project in 2017. PCLm support is useful only for clients
        that specifically know how to create PCLm files. Support in qpdf
        is just for ensuring that objects are written in the correct order
        and for including some additional material in the output that is
        required by the PCLm standard.

2017-08-19  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Remove --precheck-streams. This is enabled by default now
        without any efficiency cost. This feature was never released.

        * Update pdf-create example to illustrate use of additional image
        compression filters.

        * Add support for /RunLengthDecode and /DCTDecode:
          - New pipeline types Pl_RunLength and Pl_DCT
          - New command-line flags --compress-streams and --decode-level
            to replace/enhance --stream-data
          - New QPDFWriter::setCompressStreams and
            QPDFWriter::setDecodeLevel methods
          Please see documentation, header files, and help messages for
          details on these new features.

2017-08-12  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Add QPDFObjectHandle::rotatePage to apply rotation to a page
        object. Add --rotate option to qpdf to specify page rotation from
        the command line.

        * Provide --verbose option that causes qpdf to print an indication
        of what files it is writing.

        * Change --single-pages to --split-pages and make it take an
        optional argument specifying the number of pages per file.

2017-08-11  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Fix --newline-before-endstream to always add a newline before
        endstream even if the last character was already a newline. This
        is actually what's required by PDF/A. Fixes #133.

        * Handle encrypted files whose encryption parameters are too
        short. Fixes #96.

2017-08-10  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Remove dependency on libpcre.

        * Be more forgiving of certain types of errors in the xref table
        that don't interfere with interpreting the table.

        * Remove unused "tracing" parameter from PointerHolder's
        (T*, bool) constructor. This change breaks source code
        compatibility, but since this argument to PointerHolder has not
        used for a long time and the presence of a boolean parameter in
        the primary constructor makes it too easy to use that by mistake
        when trying to use PointerHolder for arrays, it seems like it's
        finally time to take it out. If you have a compile error because
        of this change, please check to see whether you intended to use
        the (bool, T*) version of the constructor instead. If not, just
        remove the second parameter.

2017-08-09  Jay Berkenbilt  <ejb%ql.org@localhost>

        * When recovering stream length, find endobj without endstream as
        well as just looking for endstream. Be a little more lax about
        where we allow it to be found.

2017-08-05  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Add --single-pages option to cause output to be written to a
        separate file for each page rather than one big file.

        * Process --pages options earlier so that certain inspection
        options, like --show-pages, can show the state after the merging
        operations.

2017-08-02  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Fix off-by-one error in parsing pages options. Fixes #129.

2017-07-29  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Support @filename and @- in the qpdf command-line tool to read
        command-line arguments, one per line, from the named file. @-
        reads from standard input. Fixes #16.

        * Detect when input file and output file are the same and exit to
        avoid overwriting and losing input file. Fixes #29.

        * When passing multiple inspection arguments, run --check first,
        and defer exit until after all the checks have been run. This
        makes it possible to force operations such as --show-xref to be
        delayed until after recovery attempts have been made. For example,
        if you have a file with a syntactically valid xref table that has
        some offsets that are incorrect, running qpdf --check --show-xref
        on that file will first recover the xref and the dump the
        recovered xref, while just running qpdf --show-xref will show the
        xref table as present in the file. Fixes #42.

        * When recovering stream length, indicate the recovered length.
        Fixes #44.

        * Add --newline-before-endstream command-line option and
        setNewlineBeforeEndstream method to QPDFWriter. This forces qpdf
        to always add a newline before the endstream keyword. It is a
        necessary but not sufficient condition for PDF/A compliance. Fixes
        #103.

        * Handle zlib data errors when decoding streams. Fixes #106.

        * Improve handling of files where the "stream" keyword is not
        followed by proper line terminators. Fixes #104.

        * Fix content stream parsing to handle cases of structures within
        the stream split across stream boundaries. Fixes #73.

2017-07-28  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Add --preserve-unreferenced command-line option and
        setPreserveUnreferencedObjects method to QPDFWriter. This option
        causes QPDFWriter to write all objects from the input file to the
        output file regardless of whether the objects are referenced.
        Objects are written to the output file in numerical order from the
        input file. This option has no effect for linearized files.

2017-07-27  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Add --precheck-streams command-line option and setStreamPrecheck
        method to QPDFWriter to tell QPDFWriter to attempt decoding a
        stream fully before deciding whether to filter it or not.

        * Recover gracefully from streams that aren't filterable because
        the filter parameters are invalid in the stream dictionary or the
        dictionary itself is invalid.

        * Significantly improve recoverability from invalid qpdf objects.
        Most conditions in basic object parsing that used to cause qpdf to
        exit are now warnings. There are still many more opportunities for
        improvements of this sort beyond just object parsing.

2017-07-26  Jay Berkenbilt  <ejb%ql.org@localhost>

        * Fixes to infinite loops below also fix problems reported in
        other issues and cover CVE-2017-11624, CVE-2017-11625,
        CVE-2017-11626, and CVE-2017-11627.

        * Don't attempt to interpret syntactic keywords (like R and
        endobj) found while parsing content streams.

        * Detect infinite loops while resolving objects. This could happen
        if something inside an object that had to be resolved during
        parsing, such as a stream length, recursively referenced the
        object being resolved.

        * CVE-2017-9208: Handle references to and appearance of object 0
        as a special case. Object 0 is not allowed, and qpdf was using it
        internally to represent direct objects.

        * CVE-2017-9209: Fix infinite loop caused by attempting to
        reconstruct the xref table while already in the process of
        reconstructing the xref table.

        * CVE-2017-9210: Fix infinite loop caused by attempting to unparse
        an object for inclusion in the text of an exception.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/print/qpdf/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/print/qpdf/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/print/qpdf/Makefile
diff -u pkgsrc/print/qpdf/Makefile:1.12 pkgsrc/print/qpdf/Makefile:1.13
--- pkgsrc/print/qpdf/Makefile:1.12     Sat Jul  9 06:38:52 2016
+++ pkgsrc/print/qpdf/Makefile  Thu Sep 28 12:50:36 2017
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.12 2016/07/09 06:38:52 wiz Exp $
+# $NetBSD: Makefile,v 1.13 2017/09/28 12:50:36 ryoon Exp $
 
-DISTNAME=      qpdf-6.0.0
-PKGREVISION=   1
+DISTNAME=      qpdf-7.0.0
 CATEGORIES=    print
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=qpdf/}
 

Index: pkgsrc/print/qpdf/distinfo
diff -u pkgsrc/print/qpdf/distinfo:1.11 pkgsrc/print/qpdf/distinfo:1.12
--- pkgsrc/print/qpdf/distinfo:1.11     Fri Mar 11 15:37:02 2016
+++ pkgsrc/print/qpdf/distinfo  Thu Sep 28 12:50:36 2017
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.11 2016/03/11 15:37:02 ryoon Exp $
+$NetBSD: distinfo,v 1.12 2017/09/28 12:50:36 ryoon Exp $
 
-SHA1 (qpdf-6.0.0.tar.gz) = 15ebe09d9b9ddd2309a67e4295693fcf82494e33
-RMD160 (qpdf-6.0.0.tar.gz) = 9ac7bcef96831062bf3ec9a68e6676b026f3e326
-SHA512 (qpdf-6.0.0.tar.gz) = 303e3cc77ddb87b9494e26c35e0b45b42f73692054c56a00f2e4f1922633c6ebb45c8684992cd9bf32f03366fcc4cd7e7ec6fb9432d2dbba6e0b24395909b5bf
-Size (qpdf-6.0.0.tar.gz) = 8344860 bytes
+SHA1 (qpdf-7.0.0.tar.gz) = 506002271a7e04f431014baa94dd820c47235356
+RMD160 (qpdf-7.0.0.tar.gz) = ac3026a820d41dc127823fd3cfe0c1f6af90a4b0
+SHA512 (qpdf-7.0.0.tar.gz) = 7b52d67b4d2c428a7b0c1cd03b03a23f05d38d7e3c81041079a137919019ea5158f12bf95fdcfcff6b43ffdefe93a85127ced2a363a6b4b380cbaa02a3840256
+Size (qpdf-7.0.0.tar.gz) = 7053781 bytes
 SHA1 (patch-make_libtool.mk) = 8622d6a446da284269102dde38bf14271363dfdc



Home | Main Index | Thread Index | Old Index