Debian Package Tracker

From: Brian May <bam@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted poppler 0.26.5-2+deb8u12 (source amd64 all) into oldoldstable
Date: Thu, 17 Oct 2019 06:40:33 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 14 Oct 2019 17:24:52 +1100
Source: poppler
Binary: libpoppler46 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0 libpoppler-cpp-dev poppler-utils poppler-dbg
Architecture: source amd64 all
Version: 0.26.5-2+deb8u12
Distribution: jessie-security
Urgency: high
Maintainer: Loic Minier <lool@dooz.org>
Changed-By: Brian May <bam@debian.org>
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
 libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
 libpoppler46 - PDF rendering library
 poppler-dbg - PDF rendering library -- debugging symbols
 poppler-utils - PDF utilities (based on Poppler)
Changes:
 poppler (0.26.5-2+deb8u12) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-9959
     JPXStream::init function doesn't check for negative values of
     stream length, leading to an Integer Overflow, leading to large
     memory request causing DOS.
   * CVE-2019-10871
     Fix heap-based buffer over-read in the function
     PSOutputDev::checkPageSlice at PSOutputDev.cc by defining
     SPLASH_CMYK in builds.
Checksums-Sha1:
 d5c02273032d1c2b9dfbcb60394e73a4ff7b8be6 3306 poppler_0.26.5-2+deb8u12.dsc
 12937666faee80bae397a8338a3357e864d77d53 1595232 poppler_0.26.5.orig.tar.xz
 cf134f1239839f03ea27c86dc81fea541e45266b 47872 poppler_0.26.5-2+deb8u12.debian.tar.xz
 3ee2e0c68ea7cd30b20c2f6cf9693ccd4ded20e3 1220380 libpoppler46_0.26.5-2+deb8u12_amd64.deb
 80af8464c2177b87fd5ef1c4844d580124c98c68 778710 libpoppler-dev_0.26.5-2+deb8u12_amd64.deb
 b03d30e934f3fdd8bec832896231abaf7a4ea883 181582 libpoppler-private-dev_0.26.5-2+deb8u12_amd64.deb
 306e5348ffb729ce069301c63d71192a0295b7aa 123250 libpoppler-glib8_0.26.5-2+deb8u12_amd64.deb
 e5208ba274ac278a788cf78ddb050415957819b8 164508 libpoppler-glib-dev_0.26.5-2+deb8u12_amd64.deb
 7aba1af44f9c88d41df758cbd0b72aebf59c4fc9 86954 libpoppler-glib-doc_0.26.5-2+deb8u12_all.deb
 05e6db5cdc4e82ff639484ab2e18fe7ab44e2cbb 35338 gir1.2-poppler-0.18_0.26.5-2+deb8u12_amd64.deb
 c131ed7d7501a3723e452f66702c51e09cbd7c38 128600 libpoppler-qt4-4_0.26.5-2+deb8u12_amd64.deb
 3b644e36c0a65a7a863168bcff605d565861049f 160042 libpoppler-qt4-dev_0.26.5-2+deb8u12_amd64.deb
 cb21934b72e59318d1dbf6ed4759e22487001869 133506 libpoppler-qt5-1_0.26.5-2+deb8u12_amd64.deb
 f27913713c668ea2d1aa607d7839af98e146f989 166450 libpoppler-qt5-dev_0.26.5-2+deb8u12_amd64.deb
 f28929f7b71f2037c799228d2734660b5ac3daef 45808 libpoppler-cpp0_0.26.5-2+deb8u12_amd64.deb
 2af18ac45a333577ce9bb66b6aecf3eb87584f4b 50384 libpoppler-cpp-dev_0.26.5-2+deb8u12_amd64.deb
 2293f3f8103b4d7a621cef9f3b4c67bfb711681a 141944 poppler-utils_0.26.5-2+deb8u12_amd64.deb
 f62715608b51017162aac85744a862602769a2d9 7706174 poppler-dbg_0.26.5-2+deb8u12_amd64.deb
Checksums-Sha256:
 a0f06825dcc3e3ec8f5aca3e345ec4cc5dea211d3a4aa1e5ce64b7c6181c9255 3306 poppler_0.26.5-2+deb8u12.dsc
 de7de5fa337431e5d1f372e8577b3707322f1dbc1dc28a70f2927476f134d1ee 1595232 poppler_0.26.5.orig.tar.xz
 945dd6c442b782ba55324797546454fc752ad54b3a65427c45ae65257c363103 47872 poppler_0.26.5-2+deb8u12.debian.tar.xz
 d7a899e0823ab839f6d72a7de93d5c07f364bb54cb26af5d3e7f0db45bac7844 1220380 libpoppler46_0.26.5-2+deb8u12_amd64.deb
 5384d3b10e55cb9cc5fdb7626df37717e063eeb6bcacf238ce53fa8579da35db 778710 libpoppler-dev_0.26.5-2+deb8u12_amd64.deb
 d321aa222a13ea77afc06524e70d7dd6d2385b02e5c51e7230d39efbbae10f5e 181582 libpoppler-private-dev_0.26.5-2+deb8u12_amd64.deb
 bb96fc57e312aefbaab806fc27da1b4bc4d857ce1e807fcd77df198e905a9f34 123250 libpoppler-glib8_0.26.5-2+deb8u12_amd64.deb
 0de282293f9a12928b7c1d51e3ced443f3fc987328b453ba9fb9e8ca42b6bc5e 164508 libpoppler-glib-dev_0.26.5-2+deb8u12_amd64.deb
 adfe660640043543890b9490f67d1675a67ad1ea173e57d248c30a94941c3f10 86954 libpoppler-glib-doc_0.26.5-2+deb8u12_all.deb
 d1569f3211bf0249ef3a6a2c35de31d28734bf2070b6a673876ea278ab2c1ec6 35338 gir1.2-poppler-0.18_0.26.5-2+deb8u12_amd64.deb
 910b692d96411e4ebdea93dff93b89e31063fcf4b17dc107d1f22f33513fae2e 128600 libpoppler-qt4-4_0.26.5-2+deb8u12_amd64.deb
 129342882c45f90321f7aec9f18d9bce15537ece8cd402e620db52303f1df133 160042 libpoppler-qt4-dev_0.26.5-2+deb8u12_amd64.deb
 1c2227e88c5576f73e10ec05532bc411bdcacc2806ca7d472dfa90bd8029fcc3 133506 libpoppler-qt5-1_0.26.5-2+deb8u12_amd64.deb
 64a252f6a03210653a5663b2bcd0357e994c0411da59311d3a9761cfcdb0db81 166450 libpoppler-qt5-dev_0.26.5-2+deb8u12_amd64.deb
 2d1340aabf415d0ef24090037413175a121c8b7ef742ac383b5babc74bb1de53 45808 libpoppler-cpp0_0.26.5-2+deb8u12_amd64.deb
 12d4e5892cff66867d0cab17392f90281fb6c20c9fdc27f36e2675cc6cade6be 50384 libpoppler-cpp-dev_0.26.5-2+deb8u12_amd64.deb
 958b854785a63c641eada96ad3c146c585911b73f10a1ecb176d2a8255e72de9 141944 poppler-utils_0.26.5-2+deb8u12_amd64.deb
 8e534a2d81f49af14dabbcc55fefb02ed9b512649ee4ad3a9e8090624ee22e90 7706174 poppler-dbg_0.26.5-2+deb8u12_amd64.deb
Files:
 2432aade7ad284d764942455476ef055 3306 devel optional poppler_0.26.5-2+deb8u12.dsc
 786c943eee550e3a977c181e7778b1c8 1595232 devel optional poppler_0.26.5.orig.tar.xz
 2ba88fc591be7cc4b7bb1cf0bfd5368c 47872 devel optional poppler_0.26.5-2+deb8u12.debian.tar.xz
 f174def10e49672cccb0be35e1c07a48 1220380 libs optional libpoppler46_0.26.5-2+deb8u12_amd64.deb
 f3f71883034922c9e3e443553c9823db 778710 libdevel optional libpoppler-dev_0.26.5-2+deb8u12_amd64.deb
 557c1cc1d6e1074a977f91431dbe41d7 181582 libdevel optional libpoppler-private-dev_0.26.5-2+deb8u12_amd64.deb
 75f9fef6b1f957b652f0a3321bb45f40 123250 libs optional libpoppler-glib8_0.26.5-2+deb8u12_amd64.deb
 97fbafc1ae5a5e22ce272139df11e590 164508 libdevel optional libpoppler-glib-dev_0.26.5-2+deb8u12_amd64.deb
 06236c8dc4a8bfa6380ef99564a434f8 86954 doc optional libpoppler-glib-doc_0.26.5-2+deb8u12_all.deb
 3da2c2d089076dfb52c72a3c3aa779ff 35338 introspection optional gir1.2-poppler-0.18_0.26.5-2+deb8u12_amd64.deb
 9bf583d8c002c59d50749aff4ea0f896 128600 libs optional libpoppler-qt4-4_0.26.5-2+deb8u12_amd64.deb
 301ccfe01f62e21e4ce372dd0c273788 160042 libdevel optional libpoppler-qt4-dev_0.26.5-2+deb8u12_amd64.deb
 1a9373ab27ee1dcc2f68f76085fbd848 133506 libs optional libpoppler-qt5-1_0.26.5-2+deb8u12_amd64.deb
 b0c7254e5daf36735c7bf0682499f8eb 166450 libdevel optional libpoppler-qt5-dev_0.26.5-2+deb8u12_amd64.deb
 bae647a95fe520c19c895fe39a6eb2b5 45808 libs optional libpoppler-cpp0_0.26.5-2+deb8u12_amd64.deb
 862b189bd49e022d2399c09bf6801ddc 50384 libdevel optional libpoppler-cpp-dev_0.26.5-2+deb8u12_amd64.deb
 b197e8cc69e4a20f9a00e00d612a74c8 141944 utils optional poppler-utils_0.26.5-2+deb8u12_amd64.deb
 2011067e8bf02bbbc94569d28f8144b9 7706174 debug extra poppler-dbg_0.26.5-2+deb8u12_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAl2oBjIACgkQKpJZkldk
SvpgnQ/+IWmJiCBzOmNoqS/mSo7E8DUTz3DbXnBd9Us1pQ+ExzZhKNPlZNTXI5u6
y619rDBTOEUn3K6cxG2l9EbKbx8f63n5FMoiOrxB4JMtBsKXsmqPpj/u/u6GSuhw
aKZrCfpLjZHmAQyEfKY9pP33yLRL/Ch997kCiV1LVtUTOvFuWhcAarW8A10csit7
MTr0P7x3oSA5xHLDhL4tCUbDRDe2EdblyQULQRXBknJ4l1E7vm38MTTespzxYmb5
ZV/QyHMST4Qp0r8iE5wSSxrKunytfc4D0veBcFU4MEKd7mdqyHzKxnzSacaCZf4s
jbFhl+xSzbd+XlgLJfpc+Qj9H6P8bLBb8eamVbQfjc5cR2Dhah1t1MqEAj7X8rPp
OZA3pk2uCsTDcYGu4cxAxt3BMf4iITIy3VS76QizgaWqFH7zppwXXQGmLk2bBB3h
Ma97WmU718gtyYNZpLwzp9L1xuGC2bRZz1ac7W+9oOxL2glvX5nbjqp98N78FU5x
O+MHYIb/d/jTKkNvqeqhKWaJPLRFp63yQTy3++VkNjOpix5oxWEP6QVF2lFwc+iH
QrWCYqM7lGVv0VtLNFFTtBxs86M1W6cdLhuY6leg8Tsd8oD4VveAVFmZ0U9WOAAj
HR36p1VinG9oW+8DWepDAqtMLSovGK1RRCZDeeG6omNoP6K8fok=
=7NCg
-----END PGP SIGNATURE-----
News for package poppler
