[Bug 570183] New: libpoppler security upgrade breaks xpdf

newer
[Bug 570306] New: Java web start...

older
[Bug 569917] New: yast2-scanner:...

bugzilla_noreply＠novell.com

12 Jan 2010 12 Jan '10

23:18

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c0 Summary: libpoppler security upgrade breaks xpdf Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: x86-64 OS/Version: openSUSE 11.2 Status: NEW Severity: Normal Priority: P5 - None Component: X11 Applications AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: daved@windclimber.id.au QAContact: qa@suse.de Found By: --- Blocker: --- Created an attachment (id=336274) --> (http://bugzilla.novell.com/attachment.cgi?id=336274) PDF file which triggers Segmentation violation User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.1.6) Gecko/20091206 SeaMonkey/2.0.1 After doing online update to libpoppler 0.12.0-3.7.1 (x86_64) xpdf reports segmentation violation when opening some pdf files, before opening a window. Reverting to /usr/lib64/libpoppler.so.5.0.0 distributed with the 11.2 release fixes problem. I will attach a file which triggers fault. This has been confirmed on two 64 bit machines. Reproducible: Always Steps to Reproduce: 1. upgrade libpoppler (on 64 bit machine) 2. open attached PDF file with xpdf 3. Actual Results: Segmentation fault Expected Results: file displayed -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

Show replies by date

bugzilla_noreply＠novell.com

13 Jan 13 Jan

07:48

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c yang xiaoyu changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xyyang@novell.com AssignedTo|bnc-team-screening@forge.pr |bnc-team-gnome@forge.provo. |ovo.novell.com |novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:41

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c1 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |bili@novell.com AssignedTo|bnc-team-gnome@forge.provo. |bili@novell.com |novell.com | --- Comment #1 from Li Bin 2010-01-13 09:41:21 UTC --- I'd take care of it. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

14 Jan 14 Jan

18:17

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c2 Joachim Deguara changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |joachim.deguara@amd.com --- Comment #2 from Joachim Deguara 2010-01-14 18:17:47 UTC --- Same here and more precisely I downgraded to version 0.12.0-3.5 of libpoppler5 and it worked. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15 Jan 15 Jan

07:56

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c3 --- Comment #3 from Li Bin 2010-01-15 07:56:46 UTC --- Done. I found the reason, this security update change some header's of xpdf-poppler used, when I build the xpdf-poppler with the latest libpoppler-devel, it works fine. You can test it from my build service for test. https://api.opensuse.org/build/home:BinLi:branches:openSUSE:11.2/standard/i5... https://api.opensuse.org/build/home:BinLi:branches:openSUSE:11.2/standard/x8... -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:07

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c4 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |thomas@novell.com --- Comment #4 from Li Bin 2010-01-15 08:07:41 UTC --- Thomas, When update the fix from Bug #507102 - VUL-0: poppler: multiple integer overflows in "pdftops" filter (CVE-2009-0791), the xpdf-poppler also need to be updated. How do let it work? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:25

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c5 Thomas Biege changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|thomas@novell.com | --- Comment #5 from Thomas Biege 2010-01-15 08:25:41 UTC --- When we (sec-team) know the list of affected packages we just would create patchinfos for them in SWAMP. xpdf-poppler depends on poppler which means it will be rebuild automatically. Should we release xpdf-poppler? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:39

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c6 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |thomas@novell.com --- Comment #6 from Li Bin 2010-01-15 08:39:46 UTC --- Yes, we need release the xpdf-poppler. And from Bug 569318 - libpoppler4 too old for KDE Okular in KDE SC 4.4, maybe we need also release the kdegraphics4 which depends the libpoppler-devel in openSUSE 11.1, currently I'm not 11.1 in hand, so I need to install a new to make sure about it. So do we fixed together? If not, release this first. Thanks! -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:02

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c7 Ludwig Nussel changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|thomas@novell.com | --- Comment #7 from Ludwig Nussel 2010-01-15 10:02:22 CET --- so the safeint patch broke binary compatibility which is not surprising and bad for a library in released distros. How did upstream fix the problems? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:18

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c8 --- Comment #8 from Li Bin 2010-01-15 09:18:29 UTC --- Ludwig, Gabriel already submit the safeint patch into upstream from https://bugs.freedesktop.org/show_bug.cgi?id=26047 . And the upstream refuse to accept it. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:29

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c9 --- Comment #9 from Ludwig Nussel 2010-01-15 10:29:44 CET --- Well, what do you expect if you submit a patch for an old version? That was not my question anyways. Since upstream doesn't use the safeint patch how does their fix look like? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:39

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c10 --- Comment #10 from Li Bin 2010-01-15 09:38:57 UTC --- Ludwig, It don't need a patch for just rebuild the xpdf-poppler which depends the new libpoppler-devel. The upstream thought this CVE bug is a making money bug, :), so not care of it very much. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

10:39

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c11 --- Comment #11 from Marcus Meissner 2010-01-15 10:39:46 UTC --- The problem is that we should not change the ABI on our library packages. there is more than xpdf-poppler linking against poppler for instance, we have sev eral others (evince, kde4-okular, cups) ... Also the customer can have their own applications linking against poppler and we might have broken them without chance for us to fix it. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

11:56

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c12 Detlef Reichelt changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |detlef@die-mafia.de --- Comment #12 from Detlef Reichelt 2010-01-15 11:55:58 UTC --- And some other application doesn't build with the sec update, for example: libextractor -> http://www.gnu.org/software/libextractor/ config.log: configure:19382: checking poppler/goo/gmem.h usability configure:19382: gcc -c -fno-strict-aliasing -O2 -g -m64 -fmessage-length=0 -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables conftest.c >&5 In file included from conftest.c:108: /usr/include/poppler/goo/gmem.h:47: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'SafeInt' /usr/include/poppler/goo/gmem.h:126: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'operator' Detlef -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15:52

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c13 --- Comment #13 from Li Bin 2010-01-15 15:52:47 UTC --- Detlef, I think you should use g++ instead of gcc for your issue. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

16 Jan 16 Jan

15:42

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c14 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dbischof@hrz.uni-kassel.de --- Comment #14 from Marcus Meissner 2010-01-16 15:42:20 UTC --- *** Bug 571361 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=571361 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15:42

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c15 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mgerlach@gmx.net --- Comment #15 from Marcus Meissner 2010-01-16 15:42:35 UTC --- *** Bug 571293 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=571293 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

opensuse-bugs+bounces-385816＠opensuse.org

18 Jan 18 Jan

02:53

New subject: None

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c16 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bili@novell.com |security-team@suse.de --- Comment #16 from Li Bin 2010-01-18 02:53:06 UTC --- ->Security team. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

16:54

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c17 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dmueller@novell.com, | |meissner@novell.com, | |pgajdos@novell.com --- Comment #17 from Marcus Meissner 2010-01-18 16:54:35 UTC --- cc dirk, pgajdos -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

19 Jan 19 Jan

15:08

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c18 --- Comment #18 from Ludwig Nussel 2010-01-19 16:08:15 CET --- I'd vote for reverting the update and fix it in a better way -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15:14

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c19 --- Comment #19 from Marcus Meissner 2010-01-19 15:14:01 UTC --- we need to at least revert the SafeInt patch. the g*alloc binary incompatible change is not acceptable. (and also these g*alloc functions are C functions, not C++, so we cannot use classes) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

17:49

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c20 Petr Gajdos changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |krahmer@novell.com, | |sbrabec@novell.com --- Comment #20 from Petr Gajdos 2010-01-19 17:49:56 UTC --- (In reply to comment #9)

...

my question anyways. Since upstream doesn't use the safeint patch how does their fix look like?

The problem is, that our security team wanted better fix than upstream have :-). That is why the xpdf-safe-int.patch has arisen, why is so huge and why I was convinced from the beginning this patch is not upstreamable. I suggest read bug 502974 for more informations. I have talked with sbrabec and he suggested to (carefully) consider version update for poppler, if there is no ABI change and addresses said security problem sufficiently. Alternatively (for older distributions for example), original small patch from upstream -- bug 502061, comment 2 could be backported. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

20 Jan 20 Jan

12:51

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c21 --- Comment #21 from Marcus Meissner 2010-01-20 12:51:32 UTC --- I have found a method to make the safeint patch more "safe" for this reasons, by hjust exporting the extern "C" version with normal ints and C++ variants with SafeInt. I am attaching the new patch and the diff between the two. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12:53

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c22 --- Comment #22 from Marcus Meissner 2010-01-20 12:53:02 UTC --- Created an attachment (id=337644) --> (http://bugzilla.novell.com/attachment.cgi?id=337644) new safeint patch -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12:54

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c23 --- Comment #23 from Marcus Meissner 2010-01-20 12:54:07 UTC --- Created an attachment (id=337646) --> (http://bugzilla.novell.com/attachment.cgi?id=337646) interdiff incremental patch to the one we released. (both for 11.2) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

13:49

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c24 --- Comment #24 from Marcus Meissner 2010-01-20 13:49:27 UTC --- That said ... Unless we can bring this patch upstream I would say that we remove it from our packages again and proceed with either smaller patches or a version upgrade. for 11.2 a version upgrade might be feasible (major version is still "5"), for older products not so easy. We would only revert the safeint patch from poppler (it can stay in the xpdfs and other non libraries). so to do: - bili: remove safe int patch from popplers and get them submitted, all opensuse and sle branches :/ so we can proceed with unbreaking the buildsystem and our customers. - bili: for 11.2 can you do test builds of a version update to 0.12.3? - did we miss any security fixes? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

13:50

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|security-team@suse.de |bili@novell.com -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

26 Jan 26 Jan

14:19

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c25 Reinhard Max changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |max@novell.com --- Comment #25 from Reinhard Max 2010-01-26 14:19:34 UTC --- *** Bug 573867 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=573867 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

2 Feb 2 Feb

08:14

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c26 --- Comment #26 from Li Bin 2010-02-02 08:14:53 UTC --- I do it now, submit it later, :) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:53

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c27 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |meissner@novell.com --- Comment #27 from Li Bin 2010-02-02 09:53:47 UTC --- Marcus, Do we need a swampid for it? I prepare resubmit it without safe-int patch. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

10:16

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c28 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:30658 --- Comment #28 from Swamp Workflow Management 2010-02-02 10:16:36 UTC --- The SWAMPID for this issue is 30658. Please submit the patch and patchinfo file using this ID. (https://swamp.suse.de/webswamp/wf/30658) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

10:17

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c29 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|meissner@novell.com | --- Comment #29 from Marcus Meissner 2010-02-02 10:17:36 UTC --- yes. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

11:02

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c30 --- Comment #30 from Li Bin 2010-02-02 11:02:40 UTC --- Done for 11.1 and sle11. 31311 State:new Creator:BinLi When:2010-02-02T11:57:47 submit: home:BinLi:branches:openSUSE:11.1:Update/poppler -> openSUSE:11.1:Update Comment: 'Comment poppler-CVE-2009-0791-safe-int.patch(bnc#570183,swampid#30658)' 4284 State:new Creator:BinLi When:2010-02-02T12:01:44 submit: home:BinLi:branches:SUSE:SLE-11:Update/poppler -> SUSE:SLE-11:Update Comment: 'Comment poppler-safe-int.patch(bnc#570183,swampid#30658)' -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12:13

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c31 --- Comment #31 from Marcus Meissner 2010-02-02 12:13:36 UTC --- also 11.2 please, this is where we had the original reports -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

16:10

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c32 --- Comment #32 from Li Bin 2010-02-02 16:10:34 UTC --- Marcus, Done for 11.2, and I upgrade to 0.12.3, and delete some patches which were in upstream. 31346 State:new Creator:BinLi When:2010-02-02T16:57:07 submit: home:BinLi:branches:openSUSE:11.2:Update:Test/poppler -> openSUSE:11.2:Update:Test Comment: 'Update to version 0.12.3(bnc#507183,swampid#30658)' -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

3 Feb 3 Feb

10:03

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c33 Li Bin changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bili@novell.com |security-team@suse.de --- Comment #33 from Li Bin 2010-02-03 10:02:59 UTC --- -> Security team. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15:41

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c34 --- Comment #34 from Thomas Biege 2010-02-03 15:41:05 UTC --- Thanks! -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12 Feb 12 Feb

00:09

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c35 Christian Boltz changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |suse-beta@cboltz.de Severity|Normal |Major --- Comment #35 from Christian Boltz 2010-02-12 01:09:20 CET --- It looks like the update has dependency problems with okular on openSUSE 11.2 - see bug 579370 for details. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:55

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c36 Thomas Biege changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|security-team@suse.de |bili@novell.com --- Comment #36 from Thomas Biege 2010-02-12 08:55:03 UTC --- reassigning to Bin Li. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:57

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c37 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bili@novell.com |security-team@suse.de --- Comment #37 from Marcus Meissner 2010-02-12 08:57:00 UTC --- I had discussed this with Dirk and we reviewed this case ... We will be releasing an updated okular too, in the KDE 4.3.5 update. So the release of the poppler 11.2 update will just wait until ther KDE 4.3.5 upgrade. So nothing to do but wait right now. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15 Feb 15 Feb

08:06

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c38 io proprioio changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cadabras@gmail.com --- Comment #38 from io proprioio 2010-02-15 08:06:53 UTC --- Are you saying that opensuse 11.2 users will fix the problem only if they will upgrade to kde 4.3.5? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

09:49

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c39 --- Comment #39 from Marcus Meissner 2010-02-15 09:48:59 UTC --- the poppler update will update "okular" if present on the system. it does not require the kde 4.3.5 update -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

11:45

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c40 --- Comment #40 from Uwe Bonnes 2010-02-15 11:45:29 UTC --- The answers here are very dense and not very understandable for affected users. So "the poppler update will update "okular"" means that the update has not rolled out yet? Any estimation when it will happen? This list talks about the update for over two weeks now, with xpdf in an unuable state since over a month... -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12:26

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c41 --- Comment #41 from Marcus Meissner 2010-02-15 12:26:29 UTC --- The update has not been rolled out yet. I am sorry that its taking so long, but fixing base libraries like poppler is not easy nor fun, especially if you do serveral tries. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

12:55

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c42 --- Comment #42 from io proprioio 2010-02-15 12:55:35 UTC --- But why should opensuse 11.2 users wait the kde 4.3.5 upgrade if poppler patch is independent? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

13:31

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c43 --- Comment #43 from Marcus Meissner 2010-02-15 13:31:19 UTC --- we decided to do a version upgrade for poppler in 11.2. however okular (KDE PDF / Document viewer) has a requires: poppler-qt == %version on the poppler version it was built on, so the two are connected to each other. thats hte reason we need to do this in sync. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

24 Feb 24 Feb

15:56

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c44 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:30658 |maint:running:30658 | |maint:released:11.2:30676 --- Comment #44 from Swamp Workflow Management 2010-02-24 15:56:15 UTC --- Update released for: libpoppler-devel, libpoppler-doc, libpoppler-glib-devel, libpoppler-glib4, libpoppler-glib4-debuginfo, libpoppler-qt2, libpoppler-qt2-debuginfo, libpoppler-qt3-devel, libpoppler-qt4-3, libpoppler-qt4-3-debuginfo, libpoppler-qt4-devel, libpoppler5, libpoppler5-debuginfo, poppler, poppler-debugsource, poppler-tools, poppler-tools-debuginfo Products: openSUSE 11.2 (debug, i586, x86_64) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15:57

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c45 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #45 from Marcus Meissner 2010-02-24 15:57:41 UTC --- donereelased -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

27 Feb 27 Feb

12:05

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c46 io proprioio changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|RESOLVED |REOPENED Platform|x86-64 |i586 Resolution|FIXED | --- Comment #46 from io proprioio 2010-02-27 12:05:29 UTC --- I updated but xpdf looks broken: it does not start any more. This is its output: xpdf: symbol lookup error: xpdf: undefined symbol: _ZN12GlobalParams23setForceNoFTAutoHintingEPc Does xpdf-poppler need an update? My xpdf-poppler is xpdf-poppler-3.02-4.3.i586 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

1 Mar 1 Mar

13:31

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c47 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED --- Comment #47 from Marcus Meissner 2010-03-01 13:31:18 UTC --- xpdf-poppler update released -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

14:34

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c48 Karl Eichwalder changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED --- Comment #48 from Karl Eichwalder 2010-03-01 14:34:58 UTC --- Works for me. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

6 Mar 6 Mar

17:43

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c49 io proprioio changed: What |Removed |Added ---------------------------------------------------------------------------- Status|VERIFIED |CLOSED --- Comment #49 from io proprioio 2010-03-06 17:43:41 UTC --- For me too. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

22:53

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c50 --- Comment #50 from Dave Davey 2010-03-06 22:53:33 UTC --- Do I have to do something other than a normal on-line update? I don't get a segmentation violation any longer, but I do get this failure: /usr/bin/xpdf: symbol lookup error: /usr/bin/xpdf: undefined symbol: _ZN15SplashOutputDev18setFreeTypeHintingEi -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

7 Mar 7 Mar

10:35

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c51 --- Comment #51 from io proprioio 2010-03-07 10:35:03 UTC --- I just updated. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

11 Mar 11 Mar

12:27

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c54 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:30658 |maint:running:30658 |maint:released:11.2:30676 |maint:released:11.2:30676 | |maint:released:11.1:30675 --- Comment #54 from Swamp Workflow Management 2010-03-11 12:27:55 UTC --- Update released for: libpoppler4 Products: openSUSE 11.1 (i586, ppc, x86_64) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

25 Mar 25 Mar

10:34

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c55 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:30658 |maint:running:30658 |maint:released:11.2:30676 |maint:released:11.2:30676 |maint:released:11.1:30675 |maint:released:11.1:30675 | |maint:released:sle11:30677 --- Comment #55 from Swamp Workflow Management 2010-03-25 10:34:30 UTC --- Update released for: libpoppler-devel, libpoppler-doc, libpoppler-glib-devel, libpoppler-glib4, libpoppler-qt2, libpoppler-qt3-devel, libpoppler-qt4-3, libpoppler-qt4-devel, libpoppler4, poppler, poppler-debuginfo, poppler-debugsource, poppler-tools Products: SLE-DEBUGINFO 11 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11 (i386, x86_64) SLE-SDK 11 (i386, ia64, ppc64, s390x, x86_64) SLE-SERVER 11 (i386, ia64, ppc64, s390x, x86_64) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

10:34

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:30658 |maint:released:11.2:30676 |maint:released:11.2:30676 |maint:released:11.1:30675 |maint:released:11.1:30675 | |maint:released:sle11:30677 | -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

15 Apr 15 Apr

10:41

New subject: [Bug 570183] libpoppler security upgrade breaks xpdf

http://bugzilla.novell.com/show_bug.cgi?id=570183 http://bugzilla.novell.com/show_bug.cgi?id=570183#c56 --- Comment #56 from Bernhard Wiedemann --- This is an autogenerated message for OBS integration: This bug (570183) was mentioned in https://build.opensuse.org/request/show/31311 11.1 / poppler -- You are receiving this mail because: You are on the CC list for the bug.

2937

Age (days ago)

5222

Last active (days ago)

List overview

Download

57 comments

2 participants

participants (2)

bugzilla_noreply＠novell.com
opensuse-bugs+bounces-385816＠opensuse.org