Debian Package Tracker

general

source: atril (main)
version: 1.22.1-1
maintainer: Debian+Ubuntu MATE Packaging Team (archive) (DMD)
uploaders: John Paul Adrian Glaubitz [DMD] – Stefano Karapetsas [DMD] – Vangelis Mouhtsis [DMD] – Martin Wimpress [DMD] – Mike Gabriel [DMD]
arch: all any
std-ver: 4.4.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.8.1+dfsg1-4+deb8u1
o-o-sec: 1.8.1+dfsg1-4+deb8u2
oldstable: 1.16.1-2+deb9u1
old-sec: 1.16.1-2+deb9u1
old-bpo: 1.20.3-1~bpo9+1
stable: 1.20.3-1
testing: 1.22.1-1
unstable: 1.22.1-1

versioned links

1.8.1+dfsg1-4+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.8.1+dfsg1-4+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.1-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.20.3-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.20.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.22.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

atril (12 bugs: 0, 8, 4, 0)
atril-common
gir1.2-atril
gir1.2-atrildocument-1.5.0
gir1.2-atrilview-1.5.0
libatrildocument-dev
libatrildocument3
libatrilview-dev
libatrilview3

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-1010006: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.

Please fix it.

Created: 2019-07-15 Last update: 2019-08-13 20:47

2 security issues in stretch high

There are 2 open security issues in stretch.

1 important issue:

CVE-2019-1010006: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.

1 issue skipped by the security teams:

CVE-2017-1000159: Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

Please fix them.

Created: 2019-07-15 Last update: 2019-08-13 20:47

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2019-1010006: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.

Please fix it.

Created: 2019-07-15 Last update: 2019-08-13 20:47

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-1010006: Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.

Please fix it.

Created: 2019-07-15 Last update: 2019-08-13 20:47

AppStream hints: 1 error high

AppStream found metadata issues for packages:

atril-common: 1 error

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-06-04 02:26

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2019-05-29 Last update: 2019-08-25 05:16

2 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit a8e86542f9eff9197c8ee904a46c2870b316060c
Author: Martin Wimpress <martin.wimpress@ubuntu.com>
Date:   Thu Aug 8 21:12:07 2019 +0100

    debian/patches: Add 0002_CVE-2019-1010006.patch. Fix buffer overflow. (CVE-2019-1010006)

commit 6030bd9801b3db55dfabb13153889cc022bb57e7
Author: Martin Wimpress <martin.wimpress@ubuntu.com>
Date:   Thu Aug 8 21:04:46 2019 +0100

    debian/patches: Add 0001_prevent_no_doc_segfault.patch. Prevent segfaults when no document is loaded.

Created: 2019-08-09 Last update: 2019-08-23 08:18

Multiarch hinter reports 8 issue(s) normal

There are issues with the multiarch metadata for this package.

atril-common could be marked Multi-Arch: foreign
gir1.2-atril could be marked Multi-Arch: same
gir1.2-atrildocument-1.5.0 could be marked Multi-Arch: same
gir1.2-atrilview-1.5.0 could be marked Multi-Arch: same
libatrildocument-dev could be marked Multi-Arch: same
libatrildocument3 could be marked Multi-Arch: same
libatrilview-dev could be marked Multi-Arch: same
libatrilview3 could be marked Multi-Arch: same

Created: 2016-09-14 Last update: 2019-08-23 04:07

news

[rss feed]

[2019-08-13] Accepted atril 1.8.1+dfsg1-4+deb8u2 (source all amd64) into oldoldstable (Emilio Pozuelo Monfort)
[2019-08-06] atril 1.22.1-1 MIGRATED to testing (Debian testing watch)
[2019-08-01] Accepted atril 1.22.1-1 (source) into unstable (Mike Gabriel)
[2019-01-31] Accepted atril 1.20.3-1~bpo9+1 (source) into stretch-backports (Mike Gabriel)
[2018-12-28] atril 1.20.3-1 MIGRATED to testing (Debian testing watch)
[2018-12-22] Accepted atril 1.20.3-1 (source) into unstable (Mike Gabriel)
[2018-07-23] Accepted atril 1.20.2-1~bpo9+1 (source) into stretch-backports (Mike Gabriel)
[2018-07-10] atril 1.20.2-1 MIGRATED to testing (Debian testing watch)
[2018-07-10] atril 1.20.2-1 MIGRATED to testing (Debian testing watch)
[2018-07-05] Accepted atril 1.20.2-1 (source) into unstable (Mike Gabriel)
[2018-04-11] atril 1.20.1-1 MIGRATED to testing (Debian testing watch)
[2018-04-10] atril 1.20.1-1 MIGRATED to testing (Debian testing watch)
[2018-04-04] Accepted atril 1.20.1-1 (source) into unstable (Mike Gabriel)
[2018-02-20] atril 1.20.0-1 MIGRATED to testing (Debian testing watch)
[2018-02-14] Accepted atril 1.20.0-1 (source) into unstable (Mike Gabriel)
[2018-02-06] Accepted atril 1.18.3-2~bpo9+1 (source all amd64) into stretch-backports, stretch-backports (Mike Gabriel)
[2018-01-31] atril 1.18.3-2 MIGRATED to testing (Debian testing watch)
[2018-01-25] Accepted atril 1.18.3-2 (source all amd64) into unstable, unstable (Mike Gabriel)
[2018-01-05] Accepted atril 1.18.3-1~bpo9+1 (source all amd64) into stretch-backports, stretch-backports (Mike Gabriel)
[2017-12-03] atril 1.18.3-1 MIGRATED to testing (Debian testing watch)
[2017-11-26] Accepted atril 1.18.3-1 (source) into unstable (Mike Gabriel)
[2017-08-28] atril 1.18.1-1 MIGRATED to testing (Debian testing watch)
[2017-08-22] Accepted atril 1.18.1-1 (source) into unstable (Mike Gabriel)
[2017-08-04] atril 1.18.0-1 MIGRATED to testing (Debian testing watch)
[2017-07-29] Accepted atril 1.18.0-1 (source) into unstable (Mike Gabriel)
[2017-07-26] atril 1.16.1-2.1 MIGRATED to testing (Debian testing watch)
[2017-07-24] Accepted atril 1.16.1-2.1 (source) into unstable (Santiago Ruano Rincón)
[2017-07-23] Accepted atril 1.8.1+dfsg1-4+deb8u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Santiago Ruano Rincón)
[2017-07-23] Accepted atril 1.16.1-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Santiago Ruano Rincón)
[2017-02-04] atril 1.16.1-2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 13
RC: 0
I&N: 9
M&W: 4
F&P: 0
patch: 1

links

homepage
lintian
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.22.1-1
26 bugs