[ubuntu/raring-proposed] poppler 0.20.5-1ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Mar 26 20:00:15 UTC 2013 

poppler (0.20.5-1ubuntu3) raring; urgency=low

  * SECURITY UPDATE: invalid memory access issues
    - debian/patches/CVE-2013-1788.patch: add checks in poppler/Function.cc,
      poppler/Stream.cc, splash/Splash.cc.
    - CVE-2013-1788
  * SECURITY UPDATE: denial of service via malformed documents
    - debian/patches/CVE-2013-1789.patch: validate data in splash/Splash.cc.
    - CVE-2013-1789
  * SECURITY UPDATE: uninitialized memory read
    - debian/patches/CVE-2013-1790.patch: properly handle refLine in
      poppler/Stream.cc.
    - CVE-2013-1790

Date: Fri, 08 Mar 2013 12:59:26 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/poppler/0.20.5-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 08 Mar 2013 12:59:26 -0500
Source: poppler
Binary: libpoppler28 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-cpp0 libpoppler-cpp-dev poppler-utils poppler-dbg
Architecture: source
Version: 0.20.5-1ubuntu3
Distribution: raring
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
 libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
 libpoppler28 - PDF rendering library
 poppler-dbg - PDF rendering library -- debugging symbols
 poppler-utils - PDF utilities (based on Poppler)
Changes: 
 poppler (0.20.5-1ubuntu3) raring; urgency=low
 .
   * SECURITY UPDATE: invalid memory access issues
     - debian/patches/CVE-2013-1788.patch: add checks in poppler/Function.cc,
       poppler/Stream.cc, splash/Splash.cc.
     - CVE-2013-1788
   * SECURITY UPDATE: denial of service via malformed documents
     - debian/patches/CVE-2013-1789.patch: validate data in splash/Splash.cc.
     - CVE-2013-1789
   * SECURITY UPDATE: uninitialized memory read
     - debian/patches/CVE-2013-1790.patch: properly handle refLine in
       poppler/Stream.cc.
     - CVE-2013-1790
Checksums-Sha1: 
 95284454ad6c8902cb8f8a3d7fab0dbffd74cb06 3102 poppler_0.20.5-1ubuntu3.dsc
 5be75ab0d84d09a728766f36dc5572fb5a7092b9 32247 poppler_0.20.5-1ubuntu3.debian.tar.gz
Checksums-Sha256: 
 eac53826629e289e4d8513d574e2c27e3e8284237940b986e283d1573bb47e8b 3102 poppler_0.20.5-1ubuntu3.dsc
 82609999a10c75bd7b5970cc5a68162e9901a2e321c02ee6aca4f24666cde84f 32247 poppler_0.20.5-1ubuntu3.debian.tar.gz
Files: 
 2272f3ce52025a7a67a5c75b9f579928 3102 devel optional poppler_0.20.5-1ubuntu3.dsc
 698aaaae128087881dfd2089f2618ea0 32247 devel optional poppler_0.20.5-1ubuntu3.debian.tar.gz
Original-Maintainer: Loic Minier <lool at dooz.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJRUfsgAAoJEGVp2FWnRL6TQJsP/jVUq7nvnhCta/oKiQp2q6dc
mwkqtIyHna3hBpSo3rmXHWRY6zqOBKtwrLF5zPuaQG17WlN0TF3mgf+u79u7EJL+
EY+CB4WbXO0XJWSvd14F84//vOwrKZ9KQk/eBUfWo+EQwIrqXBzjVu/oOVa82GDO
iNkQow/PHVNHZZqBYFC6I3H73ZiFQkPDI+KsniGlu9YbFN3996+u51D7XbA4vVrU
7g5fD1obXJ0nGqVj5XQzW6K1Zr1hykl+XA8S8fEK3+28Ku9TENBNL8+dM3IZ5t3/
kbjHUrcsJGSK7O+X7tkIniMKdlfF/mwrnknZZKbEUaIB1AanL6WYzGHxcflqw8Sd
0GM4uF8OX0j1IIlqrP78PvNPJnoeu+H6GnDAgXMu4G7aO+2jseApy3TBhegcB+jG
AtAdTIXV3OOcnzSD3eTTleiBDNpnKiH1d8tpjbvbUEHaU/nZiEe0YPwFkK/S/NV9
GiAQMJQcaCMDOzBaMgyQ4etGhBCLc6L9ILM4Z2wLDoR3ftzLQgAH+zSxDMLTTvUI
NYCP6Sx4Yf7eXs8vT4hRqBm7sFUR2SlfR44QG0XeoFQriXdpNpgl5fkzwodEy65J
4ZL2LS3vUMR7Lx6jwaYDWf1jdX/G0X3r2+abAtXk0+X4u7Z3hiuMWRjugaFp5aRO
pxbRsNijDPotZE8mwHoJ
=+5T9
-----END PGP SIGNATURE-----

More information about the Raring-changes mailing list