source: pkg/viola/main/poppler/trunk/debian/changelog @ 4135

poppler (0.8.5-parsix1) unstable; urgency=low

  * Sync'd with Debian 0.8.5-1

 -- Alan Baghumian <alan@technotux.org>  Fri, 01 Aug 2008 23:16:15 +0200

poppler (0.8.5-1) unstable; urgency=low

  * New upstream release; no API changes, misc fixes.

 -- Loic Minier <lool@dooz.org>  Wed, 30 Jul 2008 14:52:42 +0200

poppler (0.8.4-1) unstable; urgency=low

  * New upstream release; no API change.
    - Fixes crash when reloading PDFs; GNOME #536482; closes: 484160.

 -- Loic Minier <lool@dooz.org>  Mon, 30 Jun 2008 10:44:16 +0200

poppler (0.8.3-1) unstable; urgency=low

  * New upstream release. Closes: #487214.
    + Fix crasher with some PDF files. Closes: #484224.

 -- Josselin Mouette <joss@debian.org>  Wed, 25 Jun 2008 16:40:39 +0200

poppler (0.8.2-2) unstable; urgency=low

  * Upload to unstable.
  * Set myself as Maintainer instead of Uploader, taking over from Ondřej SurÃœ
    but I wish we move to an official team; closes: #481323.

 -- Loic Minier <lool@dooz.org>  Thu, 15 May 2008 12:33:18 +0200

poppler (0.8.2-1) experimental; urgency=low

  * New upstream releases.
    - Drop patch 006_pthreads_ldflags, upstream now calls ACX_PTHREAD() in
      configure.ac which does the right thing.
    - Drop patch 102_embedded-font-fixes, merged upstream.

 -- Loic Minier <lool@dooz.org>  Sun, 11 May 2008 01:02:22 +0200

poppler (0.8.0-1) experimental; urgency=low

  * Bump libcairo2-dev build-dep and dep to >= 1.4; thanks
    Marc 'HE' Brockschmidt.
  * New upstream stable release, with ABI and API changes; closes: #476323.
    - Rename libpoppler2 to libpoppler3, libpoppler-glib2 to libpoppler-glib3,
      and libpoppler-qt4-2 to libpoppler-qt4-3; NB: libpoppler-qt2 not
      renamed; update control, DEB_DH_MAKESHLIBS_ARGS_* in rules, rename
      install files.
    - Drop shlib version except for libpoppler-qt2.
    - Update patch 006_pthreads_ldflags for the version-info changes in
      poppler/Makefile.am.
    - Force usage of qt4's moc via a PATH setting; export PATH.
  * Let libpoppler-glib-dev depend on libglib2.0-dev >= 2.6 for consistency
    with build-deps.
  * New patch, 102_embedded-font-fixes; protects the methods of the Object
    class to be more robust and prevent things like CVE-2008-1693; see also
    FreeDesktop/Poppler #11392; taken from the Ubuntu package;
    closes: #476842.
  * Add a poppler-dbg package; closes: #408403.
    - Bump up cdbs build-dep to >= 0.4.51 for -dbg handling fixes.
    - Add poppler-dbg to control.

 -- Loic Minier <lool@dooz.org>  Mon, 17 Mar 2008 21:00:13 +0100

poppler (0.6.4-1) unstable; urgency=medium

  * Add ${shlibs:Depends} to libpoppler-glib-dev, libpoppler-dev,
    libpoppler-qt-dev, libpoppler-qt4-dev.
  * Add ${misc:Depends}.
  * Cleanups.
  * New upstream releases; no API change; bug fixes; closes: #459342.
  * Fix copyright information to use version 2 of the GPL (instead of version 2
    or later); thanks Timo Jyrinki for the patch; closes: #453865.
  * Urgency medium for RC bug fix.
  * List pdftohtml in poppler-utils' description; closes: #464439.
  * Drop libpoppler-qt-dev dependency from libpoppler-qt4-dev; thanks
    Pino Toscano; closes: #459922.
  * Bump up Standards-Version to 3.7.3.

 -- Loic Minier <lool@dooz.org>  Fri, 18 Jan 2008 13:35:06 +0100

poppler (0.6.2-1) unstable; urgency=low

  * New upstream version. (Closes: #447992)
  * Dependency on xpdfrc was removed on 2007-02-25 (Closes: #347789, #440936)
  * Changes since 0.6.1:
    - Fix CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393 (Closes: #450628)
    - Fix a crash on documents with wrong CCITTFaxStream
    - Fix a crash in the Cairo renderer with invalid embedded fonts
    - Fix a crash with invalid TrueType fonts
    - Check if font is inside the clip area before rendering
      it to a temporary bitmap in the Splash renderer. Fixes crashes on
      incorrect documents
    - Do not use exit(1) on DCTStream errors
    - Detect form fields at any depth level
    - Do not generate appearance stream for radio buttons that are not active

 -- Ondřej SurÃœ <ondrej@debian.org>  Wed, 14 Nov 2007 11:20:07 +0100

poppler (0.6.1-2) unstable; urgency=low

  * Upload to unstable.

 -- Ondřej SurÃœ <ondrej@debian.org>  Tue, 06 Nov 2007 09:07:10 +0100

poppler (0.6.1-1) experimental; urgency=low

  * New upstream version.
  * Changes since 0.6.0:
    - poppler core:
      + Fix printing with different x and y scale
      + Fix crash when Form Fields array contains references to non
        existent objects
      + Fix crash in CairoOutputDev::drawMaskedImage()
      + Fix embedded file description not working on some cases
    - Qt4 frontend:
      + Fix printing issue
      + Avoid double free
      + Fix memory leak when dealing with embedded files
    - glib frontend:
      + Fix build with --disable-cairo-output
      + Do not return unknown field type for signature form fields
    - build system:
      + Support automake-1.10
      + More compatible sh code in qt.m4
    - utils:
      + Fix build on Sun Studio compiler

 -- Ondřej SurÃœ <ondrej@debian.org>  Thu, 25 Oct 2007 11:33:04 +0200

poppler (0.6-1) experimental; urgency=low

  * New upstream release. (Closes: #429700)
    - merged changes from Ubuntu, courtesy of Sebastien Bacher <seb128@canonical.com>
    - Fix security issue MOAB-06-01-2007
    - Fix security issue CVE-2007-3387
    - Fix security issue CVE-2007-5049 (Closes: #443903)
  * debian/watch:
    - update (Closes: #441012)
  * debian/control, debian/libpoppler2.install, debian/libpoppler-glib2.install,
    debian/libpoppler-qt2.install, debian/libpoppler-qt4-2.install,
    debian/rules:
    - updated for soname change
  * debian/libpoppler-glib-dev.install:
    - install new test-poppler-glib
  * debian/patches/002_CVE-2006-0301.patch:
    - dropped, deprecated by the upstream changes
  * debian/patches/003_glib-2.0-configure.patch:
  * debian/patches/004_CVE-2007-0104.patch:
  * debian/patches/005_fix_inverted_text_from_bug_8944.patch:
    - dropped, fixed with the new version
  * debian/patches/006_pthreads_ldflags.patch:
    - updated

 -- Ondřej SurÃœ <ondrej@debian.org>  Thu, 27 Sep 2007 09:03:33 +0200

poppler (0.5.4-6) unstable; urgency=low

  * Conflict with old library names from experimental.  (Closes: #426023)

 -- Ondřej SurÃœ <ondrej@debian.org>  Wed, 30 May 2007 08:42:32 +0200

poppler (0.5.4-5) unstable; urgency=low

  * Add missing poppler/poppler-link-qt3.h header to libpoppler-qt-dev; thanks
    Sune Vuorela; closes: #425486.
  * Let libpoppler-qt4-dev depend on libpoppler-qt-dev since some of its
    headers require poppler-page-transition.h which is clearly from the Qt
    bindings; thanks Sune Vuorela; closes: #425540.
  * Wrap build-deps and deps.
  * Drop useless debian/*.dirs.
  * Misc cleanups.
  * Build-dep on autotools-dev and drop bogus lintian overrides.

 -- Loic Minier <lool@dooz.org>  Thu, 24 May 2007 23:09:23 +0200

poppler (0.5.4-4) unstable; urgency=low

  * The "Augean Stables" release.
  * 0.5.x branch fixes all kind of displaying errors
    Closes: #372169, #235360, #331380, #332426, #336616
    Closes: #402647, #369164, #413953, #343654
  * Add versioned conflict to pdftohtml (Closes: #393169)
  * We dropped .la files some time ago, libjpeg62-dev dependency not
    needed now (Closes: #413112)
  * Crash fixed in 0.5.4 (Closes: #418638)
  * [control.in]: dropped some time ago (Closes: #407818)
  * NMU 0.5.4-5.1 merged as 004_CVE-2007-0104.patch (Closes: #407810)
  * 0.5.x uploaded to unstable (Closes: #352522)
  * qt4 libraries are now part of build (Closes: #414643)
  * No longer depends on poppler-data (Closes: #389753)
  * [debian/patches/006_pthreads_ldflags.patch]:
    + Add -lpthread to poppler/Makefile.am (Closes: #399275)

 -- Ondřej SurÃœ <ondrej@debian.org>  Wed, 16 May 2007 10:45:39 +0200

poppler (0.5.4-3) unstable; urgency=low

  * Upload to unstable.
  * Enable Cairo output again.
  * Enable gtk-doc build.
  * Add lintian override for outdated-autotools-helper-files (we use CDBS).
  * Change shared library packages names according to Library Packaging Guide.
  * Change ${Source-Version} to ${binary:Version} to allow binNMU
  * Drop (= ${Source-Version}) dependency in glib, qt3, qt4 libraries; we are
    adding that from debian/rules
  * Merge changes from Ubuntu:
    + Enable Qt4 library build (but change name to libpoppler-qt4-1).
    + [debian/patches/004_CVE-2007-0104.patch]:
      - Limit recursion depth of the parsing tree to 100 to avoid infinite loop
        with crafted documents.
      - Patch taken from koffice security update (which has a copy of xpdf
        sources).
    + [debian/patches/005_fix_inverted_text_from_bug_8944.patch]:
      - fixes "text is inverted in some PDFs"

 -- Ondřej SurÃœ <ondrej@debian.org>  Wed, 16 May 2007 08:26:47 +0200

poppler (0.5.4-2) experimental; urgency=low

  * [debian/control]: poppler-data is non-free, do not depend on it (Closes: #389753)

 -- Ondřej SurÃœ <ondrej@debian.org>  Mon,  2 Oct 2006 14:41:58 +0200

poppler (0.5.4-1) experimental; urgency=low

  * New upstrem release.
  * [debian/control.in]: remove file and add all pkg-freedesktop people
    to Uploaders: field
  * [debian/control]: Add dependency on poppler-data package.
  * [debian/patches/03_glib-2.0-configure.patch]: fix broken configure.ac

 -- Ondřej SurÃœ <ondrej@debian.org>  Fri, 22 Sep 2006 16:49:17 +0200

poppler (0.5.3-1) experimental; urgency=low

  * New upstream release.
  * debian/lib{poppler,poppler-glib,poppler-qt}-dev.install:
    Stop shipping /usr/lib/*.la in libpoppler*-dev.

 -- Ondřej SurÃœ <ondrej@debian.org>  Wed, 31 May 2006 17:19:34 +0200

poppler (0.5.2-1) experimental; urgency=low

  * New upstream release.
  * Remove patches adopted upstream:
    debian/patches/000_incorrect_define_fix.patch
    debian/patches/000_splash_build_fix.patch

 -- Ondřej SurÃœ <ondrej@debian.org>  Tue, 23 May 2006 20:21:30 +0200

poppler (0.5.1-1) experimental; urgency=low

  * Merge back changes from Ubuntu.
  * Upload to experimental (Closes: 352522)

 -- Ondřej SurÃœ <ondrej@debian.org>  Tue, 18 Apr 2006 15:08:26 +0200

poppler (0.5.1-0ubuntu6) dapper; urgency=low

  * Install poppler-page-transition into libpoppler-qt-dev (not
    libpoppler-dev), since it comes from the Qt bindings. Closes: LP#32179

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 10 Apr 2006 12:20:46 +0200

poppler (0.5.1-0ubuntu5) dapper; urgency=low

  * debian/patches/000_incorrect_define_fix.patch:
    - patch from the CVS, fix an incorrect boxes rendering (Ubuntu: #33239)

 -- Sebastien Bacher <seb128@canonical.com>  Thu, 23 Mar 2006 12:33:17 +0100

poppler (0.5.1-0ubuntu4) dapper; urgency=low

  * debian/control.in: libpoppler-dev needs to depend on libfontconfig1-dev,
    because we directly include <fontconfig/fontconfig.h> in GlobalParams.h

 -- Adam Conrad <adconrad@ubuntu.com>  Thu, 16 Mar 2006 11:23:00 +1100

poppler (0.5.1-0ubuntu3) dapper; urgency=low

  * debian/control.in: Have poppler-utils Replace: xpdf-reader, since both
    contain pdftoppm.1.gz.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 13 Mar 2006 09:10:12 +0100

poppler (0.5.1-0ubuntu2) dapper; urgency=low

  * debian/control.in:
    - fix the libpoppler1 package description

 -- Sebastien Bacher <seb128@canonical.com>  Thu,  9 Mar 2006 09:43:15 +0000

poppler (0.5.1-0ubuntu1) dapper; urgency=low

  * New upstream version:
    - Support for embedded files.
    - Handle 0-width lines correctly.
    - Avoid external file use when opening fonts.
    - Only use vector fonts returned from fontconfig (#5758).
    - Fix scaled 1x1 pixmaps use for drawing lines (#3387).
    - drawSoftMaskedImage support in cairo backend.
    - Misc bug fixes: #5922, #5946, #5749, #5952, #4030, #5420.
  * debian/control.in, debian/libpoppler0c2.dirs,
    debian/libpoppler0c2-glib.dirs, debian/libpoppler0c2-glib.install,
    debian/libpoppler0c2.install, debian/libpoppler0c2-qt.dirs,
    debian/libpoppler0c2-qt.install, debian/rules:
    - updated for the soname change
  * debian/patches/000_splash_build_fix.patch:
    - fix build when using splash
  * debian/patches/001_fixes_for_fonts_selection.patch:
    - fix with the new version

 -- Sebastien Bacher <seb128@canonical.com>  Mon,  6 Mar 2006 18:42:44 +0000

poppler (0.5.0-0ubuntu5) dapper; urgency=low

  * debian/control.in, debian/rules:
    - build without libcairo

 -- Sebastien Bacher <seb128@canonical.com>  Sun, 26 Feb 2006 20:05:10 +0100

poppler (0.5.0-0ubuntu4) dapper; urgency=low

  * debian/patches/001_fixes_for_fonts_selection.patch:
    - change from the CVS, fix some renderings issues and fonts selection

 -- Sebastien Bacher <seb128@canonical.com>  Tue,  7 Feb 2006 13:38:04 +0100

poppler (0.5.0-0ubuntu3) dapper; urgency=low

  * SECURITY UPDATE: Buffer overflow.
  * Add debian/patches/002_CVE-2006-0301.patch:
    - splash/Splash.cc, Splash::drawPixel(), Splash::drawSpan(),
      Splash::xorSpan(): Check coordinates for integer overflow.
  * CVE-2006-0301

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri,  3 Feb 2006 18:13:30 +0000

poppler (0.5.0-0ubuntu2) dapper; urgency=low

  * debian/rules: Bump shlibs version to 0.5.0.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 20 Jan 2006 16:56:40 +0100

poppler (0.5.0-0ubuntu1) dapper; urgency=low

  * New upstream release 0.5.0, required for new evince 0.5.
  * Merge with Debian.
  * Remove patches adopted upstream:
    - debian/patches/000_add-poppler-utils.patch
    - debian/patches/002-selection-crash-bug.patch
  * debian/libpoppler-dev.install:
    - Install poppler-page-transition.h.
    - Do not install poppler-config.h, it doesn't exist any more.
    - Upstream doesn't install legacy xpdf includes any more, fix path to
      install them into libpoppler-dev.
  * Add debian/patches/001_jpxstream_int_crash.patch:
    - poppler/JPXStream.h: Fix declaration of cbW to be signed.
      JPXStream.cc, readCodeBlockData() negates the value, which results in an
      invalid value on 64 bit platforms if using unsigned types.
    - Thanks to Vladimir Nadvornik for pointing at this.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 19 Jan 2006 23:49:52 +0100

poppler (0.4.4-1) unstable; urgency=high

  * New upstream security release
    - fixes CVE-2005-3624, CVE-2005-3625, CVE-2005-3627
  * Remove debian/patches/003-CVE-2005-3624_5_7.patch:
    - Merged upstream
  * Remove debian/patches/004-fix-CVE-2005-3192.patch:
    - Merged upstream
  * Remove debian/patches/001-relibtoolize.patch
    - Upstream uses recent libtool

 -- Ondřej SurÃœ <ondrej@debian.org>  Thu, 12 Jan 2006 20:40:27 +0100

poppler (0.4.3-3) unstable; urgency=low

  * Fix missing libcairo2-dev dependency (Closes: #346277)

 -- Ondřej SurÃœ <ondrej@debian.org>  Fri,  6 Jan 2006 21:37:10 +0100

poppler (0.4.3-2) unstable; urgency=high

  [ Martin Pitt ]
  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/003-CVE-2005-3624_5_7.patch:
    - poppler/Stream.cc, CCITTFaxStream::CCITTFaxStream():
      + Check columns for negative or large values.
      + CVE-2005-3624
    - poppler/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
      + Reset numComps to 0 since it's a global variable that is used later.
      + CVE-2005-3627
    - poppler/Stream.cc, DCTStream::readHuffmanTables():
      + Fix out of bounds array access in Huffman tables.
      + CVE-2005-3627
    - poppler/Stream.cc, DCTStream::readMarker():
      + Check for EOF in while loop to prevent endless loops.
      + CVE-2005-3625
    - poppler/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(),
      JBIG2Bitmap::expand(), JBIG2Stream::readHalftoneRegionSeg():
      + Check user supplied width and height against invalid values.
      + Allocate one extra byte to prevent out of bounds access in combine().
  * Add debian/patches/004-fix-CVE-2005-3192.patch:
    - Fix nVals int overflow check in StreamPredictor::StreamPredictor().
    - Forwarded upstream to https://bugs.freedesktop.org/show_bug.cgi?id=5514.

  [ Ondřej SurÃœ ]
  * Merge changes from Ubuntu (Closes: #346076).
  * Enable Cairo output again.

 -- Ondřej SurÃœ <ondrej@debian.org>  Thu,  5 Jan 2006 14:54:44 +0100

poppler (0.4.3-1) unstable; urgency=high

  * New upstream release.
  * New maintainer (Closes: #344738)
  * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
  * Fixed some rendering bugs and disabled Cairo output
    (Closes: #314556, #322964, #328211)
  * Acknowledge NMU (Closes: #342288)
  * Add 001-selection-crash-bug.patch (Closes: #330544)
  * Add poppler-utils (merge patch from Ubuntu)

 -- Ondřej SurÃœ <ondrej@sury.org>  Fri, 30 Dec 2005 11:34:07 +0100

poppler (0.4.2-1.1) unstable; urgency=high

  * SECURITY UPDATE: Multiple integer/buffer overflows.

  * NMU to fix RC security bug (closes: #342288)
  * Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
    thanks to Martin Pitt:
  * poppler/Stream.cc, DCTStream::readBaselineSOF(),
    DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
    - Check numComps for invalid values.
    - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
    - CVE-2005-3191
  * poppler/Stream.cc, StreamPredictor::StreamPredictor():
    - Check rowBytes for invalid values.
    - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
    - CVE-2005-3192
   * poppler/JPXStream.cc, JPXStream::readCodestream():
     - Check img.nXTiles * img.nYTiles for integer overflow.
     - http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
     - CVE-2005-3193

 -- Frank KÃŒster <frank@debian.org>  Fri, 23 Dec 2005 16:36:30 +0100

poppler (0.4.2-1) unstable; urgency=low

  * GNOME Team upload.
  * New upstream version.
  * debian/control.in:
    - updated the Build-Depends on libqt (Closes: #326130).
  * debian/rules:
    - updated the shlibs.

 -- Sebastien Bacher <seb128@debian.org>  Wed,  7 Sep 2005 12:41:48 +0200

poppler (0.4.0-1) unstable; urgency=low

  * GNOME Team Upload.
  * Rebuild for the CPP transition.
  * New upstream version (Closes: #311133):
    - fix some crashers (Closes: #315590, #312261, #309410).
    - fix some rendering defaults (Closes: #314441, #315383, #309697, #308785).
  * debian/control.in, debian/rules:
    - build with the current cairo version (Closes: #321368, #318293).
    - update for the renamed the packages.
  * debian/patches/01_CAN-2005-2097.patch:
    - Patch from Ubuntu, thanks Martin Pitt.
    - Check sanity of the TrueType "loca" table. Specially crafted broken
      tables caused disk space exhaustion due to very large generated glyph
      descriptions when attempting to fix the table.
    - Upstream patch scheduled for xpdf 3.01.
    - CAN-2005-2097
  * debian/watch:
    - fixed, patch by Jerome Warnier <jwarnier@beeznest.net> (Closes: #310996).

 -- Sebastien Bacher <seb128@debian.org>  Wed, 17 Aug 2005 21:54:07 +0200

poppler (0.3.1-1) unstable; urgency=low

  * New upstream release
  * Upstream fixed the Qt build bug, so now I can enable Qt
    build. (Closes:#307340) It leads two new binary packages
    libpoppler0-qt and libpoppler-qt-dev.
  * Excluded DEB_CONFIGURE_SYSCONFDIR setting, which is obsolete by the
    upstream removal of xpdfrc config.

 -- Changwoo Ryu <cwryu@debian.org>  Wed,  4 May 2005 00:19:35 +0900

poppler (0.3.0-2) unstable; urgency=high

  * Added shlib version info for libpoppler0-glib.
  * Corrected dependencies of libpoppler0-glib and libpoppler-glib-dev.
    (Closes: #306897)
  * Build-Depends on libgtk2.0-dev for -glib packages. (Closes: #306885)
  * Corrected descriptions of -glib packages.

 -- Changwoo Ryu <cwryu@debian.org>  Thu, 28 Apr 2005 02:41:25 +0900

poppler (0.3.0-1) unstable; urgency=low

  * New upstream release (Closes: #306573)
  * Added new binary packages libpoppler0-glib and libpoppler-glib-dev,
    which are GLib-based interfaces.  Qt interface build is termporarily
    disabled, because of an upstream FTBFS.

 -- Changwoo Ryu <cwryu@debian.org>  Thu, 28 Apr 2005 02:07:23 +0900

poppler (0.1.2-1) unstable; urgency=low

  * Initial Release (Closes: #299518)

 -- Changwoo Ryu <cwryu@debian.org>  Tue, 15 Mar 2005 02:08:00 +0900