poppler (22.02.0-2ubuntu0.6) jammy-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read in pdf file parsing.
- debian/patches/CVE-2024-56378.patch: Add checks to unlikely and destPtr
in poppler/JBIG2Stream.cc.
- CVE-2024-56378
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Tue, 14 Jan 2025 12:44:37 -0330
poppler (22.02.0-2ubuntu0.5) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2024-6239.patch: fix crash in broken
documents when using -dests in utils/pdfinfo.c.
- CVE-2024-6239
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Thu, 27 Jun 2024 14:11:16 -0300
poppler (22.02.0-2ubuntu0.4) jammy; urgency=medium
* Add fix-invisible-form-fields.patch:
- Pick upstream fix for a regression making fields invisible
(LP: #1980836)
-- Timo Jyrinki <timo-jyrinki@ubuntu.com> Wed, 17 Apr 2024 14:49:37 +0300
poppler (22.02.0-2ubuntu0.3) jammy-security; urgency=medium
* SECURITY UPDATE: denial of service issue
- debian/patches/CVE-2022-37050.patch: pdfseparate: Check XRef's
Catalog for being a Dict
- debian/patches/CVE-2022-37051.patch: Check isDict before calling
getDict
- debian/patches/CVE-2022-37052.patch: pdfseparate: Account for
XRef::add failing because we run out of memory
- debian/patches/CVE-2022-38349.patch: pdfunite: Fix crash on broken
files
- CVE-2022-37050
- CVE-2022-37051
- CVE-2022-37052
- CVE-2022-38349
-- Nishit Majithia <nishit.majithia@canonical.com> Wed, 22 Nov 2023 11:22:05 +0530
poppler (22.02.0-2ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2022-27337.patch: bail out if we run out of file
when reading in poppler/Hints.cc.
- CVE-2022-27337
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
- CVE-2023-34872
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 02 Aug 2023 14:52:35 -0400
poppler (22.02.0-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2022-38784.patch:Fix crash on broken file
in poppler/JBIG2Stream.cc.
- CVE-2022-38784
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Tue, 06 Sep 2022 06:32:35 -0300
poppler (22.02.0-2) experimental; urgency=medium
[ Steve Langasek ]
* Add segfault-on-unset-catalog.patch:
fix a segfault when a document does not have a catalog
[ Jeremy Bicha ]
* Add some optional symbols that show in 32-bit builds
* Revert unneeded "debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL = 4"
-- Jeremy Bicha <jeremy.bicha@canonical.com> Mon, 07 Feb 2022 08:17:59 -0500
poppler (22.02.0-1) experimental; urgency=medium
* Team upload
* New upstream release
* Update library name to libpoppler118 to match soname
* Add new symbols to our symbols files
* debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL = 4
* Set debhelper-compat to 13
* Lots of minor packaging cleanup
-- Jeremy Bicha <jeremy.bicha@canonical.com> Fri, 04 Feb 2022 09:18:41 -0500
poppler (21.11.0-1) experimental; urgency=medium
* New upstream version
* Updated for the soname change
* Refreshed symbols for the new version
-- Sebastien Bacher <seb128@ubuntu.com> Tue, 02 Nov 2021 10:17:01 +0100
poppler (21.06.1-1) experimental; urgency=medium
* New upstream version
-- Sebastien Bacher <seb128@ubuntu.com> Mon, 21 Jun 2021 16:27:09 +0200
# For older changelog entries, run 'apt-get changelog libpoppler118'
Generated by dwww version 1.14 on Thu Jan 23 03:35:34 CET 2025.