Hello community, here is the log from the commit of package poppler checked in at Fri Feb 1 23:32:02 CET 2008. -------- --- GNOME/poppler/poppler.changes 2008-01-25 10:04:44.000000000 +0100 +++ poppler/poppler.changes 2008-01-31 22:23:11.561941000 +0100 @@ -1,0 +2,49 @@ +Thu Jan 31 22:24:29 CET 2008 - maw@suse.de + +- Update to version 0.6.4: + Qt4 frontend: + * Fix crash on links that point to a non existant page + * Make Document::renderHints return the correct render hints + * Fix infinite loop when parsing LineAnnotation + + core: + * Fix crash in the Splash renderer when T3 fonts are badly defined + * Draw underlined Links correctly + + utils: + * Fix two use after free bugs in HtmlOutputDev.cc + + build system: + * Fix build on mingw32 + + tests: + * Distribute the glade file of pdf-inspector. + +------------------------------------------------------------------- +Fri Jan 25 11:16:33 CST 2008 - maw@suse.de + +- Update to version 0.6.3: + + core: + * Fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 + * Fix a crash on documents with wrong CCITTFaxStream + * Fix a crash in the Cairo renderer with invalid embedded fonts + * Fix a crash with invalid TrueType fonts + * Check if font is inside the clip area before rendering + it to a temporary bitmap in the Splash renderer. Fixes crashes + on incorrect documents + * Do not use exit(1) on DCTStream errors + * Detect form fields at any depth level + * Do not generate appearance stream for radio buttons that are + not active + * mingw fixes + * Fix crash in extra debug code + + glib frontend: + * Make sure passwords are passed correctly to poppler core + + Qt frontend: + * Improved documentation + * Fix crash on documents that specify an empty date + + Misc build improvements +- Remove xpdf2-CVE-2007-4352.diff, xpdf2-CVE-2007-5392.diff, + and xpdf2-CVE-2007-5393.diff, all of which have been upstreamed. + +------------------------------------------------------------------- Old: ---- poppler-0.6.1.tar.bz2 xpdf2-CVE-2007-4352.diff xpdf2-CVE-2007-5392.diff xpdf2-CVE-2007-5393.diff New: ---- poppler-0.6.4.tar.bz2 poppler-uninitialized.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ poppler.spec ++++++ --- /var/tmp/diff_new_pack.uc7326/_old 2008-02-01 23:28:08.000000000 +0100 +++ /var/tmp/diff_new_pack.uc7326/_new 2008-02-01 23:28:08.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package poppler (Version 0.6.1) +# spec file for package poppler (Version 0.6.4) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -12,8 +12,8 @@ Name: poppler BuildRequires: gtk-doc gtk2-devel libdrm-devel libjpeg-devel libqt4-devel libxml2-devel qt-devel qt3-devel update-desktop-files zlib-devel -Version: 0.6.1 -Release: 4 +Version: 0.6.4 +Release: 1 # WARNING: After changing versions please call Re or rpmbuild to auto-update spec file: #%(sh %{_sourcedir}/%{name}_spec-prepare.sh %{_sourcedir} %{name}) %define poppler_soname 2 @@ -27,13 +27,7 @@ Source: %{name}-%{version}.tar.bz2 Source1: %{name}_spec-prepare.sh Patch: poppler-qt-m4.patch -# These are for https://bugzilla.novell.com/show_bug.cgi?id=335637 -# PATCH-FIX-UPSTREAM xpdf2-CVE-2007-4352.diff bnc335637 -Patch2: xpdf2-CVE-2007-4352.diff -# PATCH-FIX-UPSTREAM xpdf2-CVE-2007-5392.diff bnc335637 -Patch3: xpdf2-CVE-2007-5392.diff -# PATCH-FIX-UPSTREAM xpdf2-CVE-2007-5393.diff bnc335637 -Patch4: xpdf2-CVE-2007-5393.diff +Patch5: poppler-uninitialized.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -468,6 +462,7 @@ %prep %setup -q %patch +###%patch5 -p1 %build ACLOCAL="aclocal -I m4" autoreconf -f -i @@ -566,6 +561,45 @@ %{_datadir}/gtk-doc/html/poppler %changelog +* Thu Jan 31 2008 maw@suse.de +- Update to version 0.6.4: + Qt4 frontend: + * Fix crash on links that point to a non existant page + * Make Document::renderHints return the correct render hints + * Fix infinite loop when parsing LineAnnotation + core: + * Fix crash in the Splash renderer when T3 fonts are badly defined + * Draw underlined Links correctly + utils: + * Fix two use after free bugs in HtmlOutputDev.cc + build system: + * Fix build on mingw32 + tests: + * Distribute the glade file of pdf-inspector. +* Fri Jan 25 2008 maw@suse.de +- Update to version 0.6.3: + + core: + * Fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 + * Fix a crash on documents with wrong CCITTFaxStream + * Fix a crash in the Cairo renderer with invalid embedded fonts + * Fix a crash with invalid TrueType fonts + * Check if font is inside the clip area before rendering + it to a temporary bitmap in the Splash renderer. Fixes crashes + on incorrect documents + * Do not use exit(1) on DCTStream errors + * Detect form fields at any depth level + * Do not generate appearance stream for radio buttons that are + not active + * mingw fixes + * Fix crash in extra debug code + + glib frontend: + * Make sure passwords are passed correctly to poppler core + + Qt frontend: + * Improved documentation + * Fix crash on documents that specify an empty date + + Misc build improvements +- Remove xpdf2-CVE-2007-4352.diff, xpdf2-CVE-2007-5392.diff, + and xpdf2-CVE-2007-5393.diff, all of which have been upstreamed. * Fri Jan 25 2008 stbinner@suse.de - fix build on 10.2 * Mon Nov 05 2007 maw@suse.de ++++++ poppler-0.6.1.tar.bz2 -> poppler-0.6.4.tar.bz2 ++++++ ++++ 5837 lines of diff (skipped) ++++++ poppler-uninitialized.patch ++++++ Index: poppler-0.6.3/poppler/Page.cc =================================================================== --- poppler-0.6.3.orig/poppler/Page.cc +++ poppler-0.6.3/poppler/Page.cc @@ -354,16 +354,16 @@ Gfx *Page::createGfx(OutputDev *out, dou rotate += 360; } - makeBox(hDPI, vDPI, rotate, useMediaBox, out->upsideDown(), + mediaBox = makeBox(hDPI, vDPI, rotate, useMediaBox, out->upsideDown(), sliceX, sliceY, sliceW, sliceH, &box, &crop); cropBox = getCropBox(); if (globalParams->getPrintCommands()) { - printf("***** MediaBox = ll:%g,%g ur:%g,%g\n", - mediaBox->x1, mediaBox->y1, mediaBox->x2, mediaBox->y2); + printf("***** MediaBox = ll:%g,%g ur:%g,%g\n", + mediaBox->x1, mediaBox->y1, mediaBox->x2, mediaBox->y2); printf("***** CropBox = ll:%g,%g ur:%g,%g\n", - cropBox->x1, cropBox->y1, cropBox->x2, cropBox->y2); - printf("***** Rotate = %d\n", attrs->getRotate()); + cropBox->x1, cropBox->y1, cropBox->x2, cropBox->y2); + printf("***** Rotate = %d\n", attrs->getRotate()); } gfx = new Gfx(xref, out, num, attrs->getResourceDict(), ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org