summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Sturmlechner <asturm@gentoo.org>2017-11-24 22:23:34 +0100
committerAndreas Sturmlechner <asturm@gentoo.org>2017-11-25 00:06:21 +0100
commit21121c39ac5e0a8fc7481a0223e05c95fa30ee0d (patch)
treedb2ca659caf2e60ee81a1d248737101904ae2a4f
parentapp-text/poppler: Fix CVE-2017-14517 (diff)
downloadgentoo-21121c39ac5e0a8fc7481a0223e05c95fa30ee0d.tar.gz
gentoo-21121c39ac5e0a8fc7481a0223e05c95fa30ee0d.tar.bz2
gentoo-21121c39ac5e0a8fc7481a0223e05c95fa30ee0d.zip
app-text/poppler: Fix CVE-2017-1792{6,7,8,9}, CVE-2017-15565
Bug: https://bugs.gentoo.org/635364 Package-Manager: Portage-2.3.16, Repoman-2.3.6
-rw-r--r--app-text/poppler/Manifest2
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-14926.patch36
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-14927.patch32
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-14928.patch69
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-14929.patch252
-rw-r--r--app-text/poppler/files/poppler-0.57.0-CVE-2017-15565.patch28
-rw-r--r--app-text/poppler/poppler-0.57.0-r1.ebuild5
7 files changed, 423 insertions, 1 deletions
diff --git a/app-text/poppler/Manifest b/app-text/poppler/Manifest
index 4fb1a1ebb5b..15244e7da33 100644
--- a/app-text/poppler/Manifest
+++ b/app-text/poppler/Manifest
@@ -1,5 +1,5 @@
DIST poppler-0.57.0.tar.xz 1703300 BLAKE2B e4126dff2e0ee140fa4c5c30d5a57da5aff38d4c1f566e4ace22d3fe625949db3a662a8513881702cd5c5c302845998dd462048b5158abaf1d119650c997c84c SHA512 197a0bf51e7fd607db83144d771904e48f266ab9e1252c688f9e7700a5bdd239670cf0363e9d77137bafa9c08fb6ddb9d066cc78a74dac7dfd717662b25cac5f
-DIST poppler-0.58.0.tar.xz 1710412 SHA256 0e42e46419ae54b02d9f2b527c6475b6011d15816918b9057dfa3aae211af832 SHA512 0675846fc99578925840cbb17083463da6ea54f7de348b946ae7d4480d9d87bd4b5069392b23a8b9bbafe0aafafaf5a200134be52d0832558104cb4aa2497aee WHIRLPOOL 658f7dfbb786c2e09558f7e89ef0832db4ff32eaef08b7360fbf468236db01b44e33374424df6b64c17f018d7b10f61e151c08026652628d387958143a5a3837
+DIST poppler-0.58.0.tar.xz 1710412 BLAKE2B ac2558503f86e8f0729d9ee5e4bc6c59dc9a4abca2e94b4e94b27b139dcb237b608af70b011b6f042a06d18ce83e32593f5b3d28876ee2606d7e63bc9230e51e SHA512 0675846fc99578925840cbb17083463da6ea54f7de348b946ae7d4480d9d87bd4b5069392b23a8b9bbafe0aafafaf5a200134be52d0832558104cb4aa2497aee
DIST poppler-0.59.0.tar.xz 1712004 SHA256 a3d626b24cd14efa9864e12584b22c9c32f51c46417d7c10ca17651f297c9641 SHA512 23777922dc95feee2a4459281081b37e124a39fc25cd00c2c3fc206f5484c13eb9ac5317f674fbbcb51e384f9a53e38b4cacbf1426c68d2bae21a7cefbc48a0e WHIRLPOOL 82ec203c17e2b2544cc0ac12d0b22bb051abf776114d17e1548f47d5e38ff289dee2e9c4b27dc16e3953b6f5b5ff0e0eeecfba73561dbc396ee0db7c5a4847e2
DIST poppler-0.60.1.tar.xz 1432712 SHA256 19f185e05c3b59b4a1de2cec8ef39f5446035493d17bbed41d02fb9a77c8a93c SHA512 db73524b7413dddee38d5a049f3926338ee123b8fc4893d80ee9cf5aaae47c8c7b75b112293b156cd375894e548ec68e5fbf4af305e77b43bc3868ad1c966cdc WHIRLPOOL fe1fe7a3f0c0bac57c7503ad183fe2e8e2f0378c4dedc0dadbc6dcfaeaf8044bf387256742a970af5ed9e2704e42c35e996957e765eeff1aca4bedcc427ae6a7
DIST poppler-0.61.1.tar.xz 1433696 SHA256 1266096343f5163c1a585124e9a6d44474e1345de5cdfe55dc7b47357bcfcda9 SHA512 780ebf07ad757635f3f71c7b1f61ad0849526f99f0dc514c3290c4e8db7000a68dfe50c17253d4c086aec5c5390055102478eba96699088179822f3be5ce278d WHIRLPOOL 9d41a9c2ae551f71a82cdae763a4d9c032977c1140fb89f619b912169f9c48c6b310bba38b0138de16c5af04cb46f0f58c57c60a15a648fefcd92cee8c8583df
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14926.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14926.patch
new file mode 100644
index 00000000000..882cf0e2b8b
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14926.patch
@@ -0,0 +1,36 @@
+From 170fe21144d469d3f865eda6e298df440b784499 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Fri, 8 Sep 2017 18:28:15 +0200
+Subject: [PATCH 2/3] Annot: Fix crash on broken files
+
+Bug #102601
+
+(cherry picked from commit 2532df6060092e9fab7f041ae9598aff9cdd94bb)
+---
+ poppler/Annot.cc | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/poppler/Annot.cc b/poppler/Annot.cc
+index 27b698db..643ff12c 100644
+--- a/poppler/Annot.cc
++++ b/poppler/Annot.cc
+@@ -6865,13 +6865,13 @@ AnnotRichMedia::Content::Content(Dict *dict) {
+ assets = (Asset **)gmallocn(nAssets, sizeof(Asset *));
+
+ int counter = 0;
+- for (int i = 0; i < obj2.arrayGetLength(); i += 2) {
++ for (int i = 0; i < nAssets; ++i) {
+ Object objKey;
+
+ assets[counter] = new AnnotRichMedia::Asset;
+
+- obj2.arrayGet(i, &objKey);
+- obj2.arrayGet(i + 1, &assets[counter]->fileSpec);
++ obj2.arrayGet(i * 2, &objKey);
++ obj2.arrayGet(i * 2 + 1, &assets[counter]->fileSpec);
+
+ assets[counter]->name = new GooString( objKey.getString() );
+ ++counter;
+--
+2.14.1
+
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14927.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14927.patch
new file mode 100644
index 00000000000..3595345800f
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14927.patch
@@ -0,0 +1,32 @@
+From 876e7f76159e2b12ee7d2d396f327dd2cc90bcb0 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Fri, 8 Sep 2017 18:26:05 +0200
+Subject: [PATCH 3/3] SplashOutputDev: Fix crash on broken files
+
+Bug #102604
+
+(cherry picked from commit 6472d8493f7e82cc78b41da20a2bf19fcb4e0a7d)
+---
+ poppler/SplashOutputDev.cc | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/poppler/SplashOutputDev.cc b/poppler/SplashOutputDev.cc
+index 5502be64..46b55a42 100644
+--- a/poppler/SplashOutputDev.cc
++++ b/poppler/SplashOutputDev.cc
+@@ -2714,7 +2714,11 @@ void SplashOutputDev::endType3Char(GfxState *state) {
+ }
+
+ void SplashOutputDev::type3D0(GfxState *state, double wx, double wy) {
+- t3GlyphStack->haveDx = gTrue;
++ if (likely(t3GlyphStack != nullptr)) {
++ t3GlyphStack->haveDx = gTrue;
++ } else {
++ error(errSyntaxWarning, -1, "t3GlyphStack was null in SplashOutputDev::type3D0");
++ }
+ }
+
+ void SplashOutputDev::type3D1(GfxState *state, double wx, double wy,
+--
+2.14.1
+
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14928.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14928.patch
new file mode 100644
index 00000000000..bd2af863423
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14928.patch
@@ -0,0 +1,69 @@
+From 6bf7212c44d0131c8f8227a4a4dadc52a3afebd9 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Fri, 8 Sep 2017 18:29:42 +0200
+Subject: [PATCH 1/3] Annot: Fix crash on broken files
+
+Bug #102607
+
+(cherry picked from commit 1316c7a41f4dd7276f404f775ebb5fef2d24ab1c)
+---
+ poppler/Annot.cc | 42 +++++++++++++++++++++++-------------------
+ 1 file changed, 23 insertions(+), 19 deletions(-)
+
+diff --git a/poppler/Annot.cc b/poppler/Annot.cc
+index 974b098b..27b698db 100644
+--- a/poppler/Annot.cc
++++ b/poppler/Annot.cc
+@@ -6982,26 +6982,30 @@ AnnotRichMedia::Configuration::Configuration(Dict *dict)
+ } else if (!strcmp(name, "Video")) {
+ type = typeVideo;
+ } else {
+- // determine from first instance
++ // determine from first non null instance
++ type = typeFlash; // default in case all instances are null
+ if (instances && nInstances > 0) {
+- AnnotRichMedia::Instance *instance = instances[0];
+- switch (instance->getType()) {
+- case AnnotRichMedia::Instance::type3D:
+- type = type3D;
+- break;
+- case AnnotRichMedia::Instance::typeFlash:
+- type = typeFlash;
+- break;
+- case AnnotRichMedia::Instance::typeSound:
+- type = typeSound;
+- break;
+- case AnnotRichMedia::Instance::typeVideo:
+- type = typeVideo;
+- break;
+- default:
+- type = typeFlash;
+- break;
+- }
++ for (int i = 0; i < nInstances; ++i) {
++ AnnotRichMedia::Instance *instance = instances[i];
++ if (instance) {
++ switch (instance->getType()) {
++ case AnnotRichMedia::Instance::type3D:
++ type = type3D;
++ break;
++ case AnnotRichMedia::Instance::typeFlash:
++ type = typeFlash;
++ break;
++ case AnnotRichMedia::Instance::typeSound:
++ type = typeSound;
++ break;
++ case AnnotRichMedia::Instance::typeVideo:
++ type = typeVideo;
++ break;
++ }
++ // break the loop since we found the first non null instance
++ break;
++ }
++ }
+ }
+ }
+ }
+--
+2.14.1
+
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14929.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14929.patch
new file mode 100644
index 00000000000..11745ca5436
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14929.patch
@@ -0,0 +1,252 @@
+From accdc5be215c7ee3223e3ad21dee7708d910ef23 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Mon, 25 Sep 2017 19:33:44 +0200
+Subject: [PATCH 4/4] Fix infinite recursion on broken files
+
+Bug #102969
+---
+ poppler/Gfx.cc | 46 ++++++++++++++++++++++++++++++++++------------
+ poppler/GfxState.cc | 33 ++++++++++++++++++---------------
+ poppler/GfxState.h | 15 +++++++++------
+ 3 files changed, 61 insertions(+), 33 deletions(-)
+
+diff --git a/poppler/Gfx.cc b/poppler/Gfx.cc
+index 9feac54c..66d0a24c 100644
+--- a/poppler/Gfx.cc
++++ b/poppler/Gfx.cc
+@@ -468,8 +468,14 @@ GfxPattern *GfxResources::lookupPattern(char *name, OutputDev *out, GfxState *st
+
+ for (resPtr = this; resPtr; resPtr = resPtr->next) {
+ if (resPtr->patternDict.isDict()) {
+- if (!resPtr->patternDict.dictLookup(name, &obj)->isNull()) {
+- pattern = GfxPattern::parse(resPtr, &obj, out, state);
++ if (!resPtr->patternDict.dictLookupNF(name, &obj)->isNull()) {
++ Ref patternRef = { -1, -1 };
++ if (obj.isRef()) {
++ patternRef = obj.getRef();
++ obj.fetch(resPtr->patternDict.getDict()->getXRef(), &obj);
++ }
++
++ pattern = GfxPattern::parse(resPtr, &obj, out, state, patternRef.num);
+ obj.free();
+ return pattern;
+ }
+@@ -2298,18 +2304,34 @@ void Gfx::doTilingPatternFill(GfxTilingPattern *tPat,
+ xi0, yi0, xi1, yi1, xstep, ystep)) {
+ goto restore;
+ } else {
+- out->updatePatternOpacity(state);
+- for (yi = yi0; yi < yi1; ++yi) {
+- for (xi = xi0; xi < xi1; ++xi) {
+- x = xi * xstep;
+- y = yi * ystep;
+- m1[4] = x * m[0] + y * m[2] + m[4];
+- m1[5] = x * m[1] + y * m[3] + m[5];
+- drawForm(tPat->getContentStream(), tPat->getResDict(),
+- m1, tPat->getBBox());
++ bool shouldDrawForm = gTrue;
++ std::set<int>::iterator patternRefIt;
++ const int patternRefNum = tPat->getPatternRefNum();
++ if (patternRefNum != -1) {
++ if (formsDrawing.find(patternRefNum) == formsDrawing.end()) {
++ patternRefIt = formsDrawing.insert(patternRefNum).first;
++ } else {
++ shouldDrawForm = gFalse;
++ }
++ }
++
++ if (shouldDrawForm) {
++ out->updatePatternOpacity(state);
++ for (yi = yi0; yi < yi1; ++yi) {
++ for (xi = xi0; xi < xi1; ++xi) {
++ x = xi * xstep;
++ y = yi * ystep;
++ m1[4] = x * m[0] + y * m[2] + m[4];
++ m1[5] = x * m[1] + y * m[3] + m[5];
++ drawForm(tPat->getContentStream(), tPat->getResDict(),
++ m1, tPat->getBBox());
++ }
++ }
++ out->clearPatternOpacity(state);
++ if (patternRefNum != -1) {
++ formsDrawing.erase(patternRefIt);
+ }
+ }
+- out->clearPatternOpacity(state);
+ }
+
+ // restore graphics state
+diff --git a/poppler/GfxState.cc b/poppler/GfxState.cc
+index f61f8124..90030b10 100644
+--- a/poppler/GfxState.cc
++++ b/poppler/GfxState.cc
+@@ -3446,14 +3446,17 @@ void GfxPatternColorSpace::getDefaultColor(GfxColor *color) {
+ // Pattern
+ //------------------------------------------------------------------------
+
+-GfxPattern::GfxPattern(int typeA) {
+- type = typeA;
++GfxPattern::GfxPattern(int typeA, int patternRefNumA)
++ : type(typeA)
++ , patternRefNum(patternRefNumA)
++{
++
+ }
+
+ GfxPattern::~GfxPattern() {
+ }
+
+-GfxPattern *GfxPattern::parse(GfxResources *res, Object *obj, OutputDev *out, GfxState *state) {
++GfxPattern *GfxPattern::parse(GfxResources *res, Object *obj, OutputDev *out, GfxState *state, int patternRefNum) {
+ GfxPattern *pattern;
+ Object obj1;
+
+@@ -3466,9 +3469,9 @@ GfxPattern *GfxPattern::parse(GfxResources *res, Object *obj, OutputDev *out, Gf
+ }
+ pattern = NULL;
+ if (obj1.isInt() && obj1.getInt() == 1) {
+- pattern = GfxTilingPattern::parse(obj);
++ pattern = GfxTilingPattern::parse(obj, patternRefNum);
+ } else if (obj1.isInt() && obj1.getInt() == 2) {
+- pattern = GfxShadingPattern::parse(res, obj, out, state);
++ pattern = GfxShadingPattern::parse(res, obj, out, state, patternRefNum);
+ }
+ obj1.free();
+ return pattern;
+@@ -3478,7 +3481,7 @@ GfxPattern *GfxPattern::parse(GfxResources *res, Object *obj, OutputDev *out, Gf
+ // GfxTilingPattern
+ //------------------------------------------------------------------------
+
+-GfxTilingPattern *GfxTilingPattern::parse(Object *patObj) {
++GfxTilingPattern *GfxTilingPattern::parse(Object *patObj, int patternRefNum) {
+ GfxTilingPattern *pat;
+ Dict *dict;
+ int paintTypeA, tilingTypeA;
+@@ -3555,7 +3558,7 @@ GfxTilingPattern *GfxTilingPattern::parse(Object *patObj) {
+ obj1.free();
+
+ pat = new GfxTilingPattern(paintTypeA, tilingTypeA, bboxA, xStepA, yStepA,
+- &resDictA, matrixA, patObj);
++ &resDictA, matrixA, patObj, patternRefNum);
+ resDictA.free();
+ return pat;
+ }
+@@ -3563,8 +3566,8 @@ GfxTilingPattern *GfxTilingPattern::parse(Object *patObj) {
+ GfxTilingPattern::GfxTilingPattern(int paintTypeA, int tilingTypeA,
+ double *bboxA, double xStepA, double yStepA,
+ Object *resDictA, double *matrixA,
+- Object *contentStreamA):
+- GfxPattern(1)
++ Object *contentStreamA, int patternRefNumA) :
++ GfxPattern(1, patternRefNumA)
+ {
+ int i;
+
+@@ -3589,14 +3592,14 @@ GfxTilingPattern::~GfxTilingPattern() {
+
+ GfxPattern *GfxTilingPattern::copy() {
+ return new GfxTilingPattern(paintType, tilingType, bbox, xStep, yStep,
+- &resDict, matrix, &contentStream);
++ &resDict, matrix, &contentStream, getPatternRefNum());
+ }
+
+ //------------------------------------------------------------------------
+ // GfxShadingPattern
+ //------------------------------------------------------------------------
+
+-GfxShadingPattern *GfxShadingPattern::parse(GfxResources *res, Object *patObj, OutputDev *out, GfxState *state) {
++GfxShadingPattern *GfxShadingPattern::parse(GfxResources *res, Object *patObj, OutputDev *out, GfxState *state, int patternRefNum) {
+ Dict *dict;
+ GfxShading *shadingA;
+ double matrixA[6];
+@@ -3629,11 +3632,11 @@ GfxShadingPattern *GfxShadingPattern::parse(GfxResources *res, Object *patObj, O
+ }
+ obj1.free();
+
+- return new GfxShadingPattern(shadingA, matrixA);
++ return new GfxShadingPattern(shadingA, matrixA, patternRefNum);
+ }
+
+-GfxShadingPattern::GfxShadingPattern(GfxShading *shadingA, double *matrixA):
+- GfxPattern(2)
++GfxShadingPattern::GfxShadingPattern(GfxShading *shadingA, double *matrixA, int patternRefNumA):
++ GfxPattern(2, patternRefNumA)
+ {
+ int i;
+
+@@ -3648,7 +3651,7 @@ GfxShadingPattern::~GfxShadingPattern() {
+ }
+
+ GfxPattern *GfxShadingPattern::copy() {
+- return new GfxShadingPattern(shading->copy(), matrix);
++ return new GfxShadingPattern(shading->copy(), matrix, getPatternRefNum());
+ }
+
+ //------------------------------------------------------------------------
+diff --git a/poppler/GfxState.h b/poppler/GfxState.h
+index 7bcedf2a..4b13fb2a 100644
+--- a/poppler/GfxState.h
++++ b/poppler/GfxState.h
+@@ -762,18 +762,21 @@ private:
+ class GfxPattern {
+ public:
+
+- GfxPattern(int typeA);
++ GfxPattern(int typeA, int patternRefNumA);
+ virtual ~GfxPattern();
+
+- static GfxPattern *parse(GfxResources *res, Object *obj, OutputDev *out, GfxState *state);
++ static GfxPattern *parse(GfxResources *res, Object *obj, OutputDev *out, GfxState *state, int patternRefNum);
+
+ virtual GfxPattern *copy() = 0;
+
+ int getType() { return type; }
+
++ int getPatternRefNum() const { return patternRefNum; }
++
+ private:
+
+ int type;
++ int patternRefNum;
+ };
+
+ //------------------------------------------------------------------------
+@@ -783,7 +786,7 @@ private:
+ class GfxTilingPattern: public GfxPattern {
+ public:
+
+- static GfxTilingPattern *parse(Object *patObj);
++ static GfxTilingPattern *parse(Object *patObj, int patternRefNum);
+ ~GfxTilingPattern();
+
+ GfxPattern *copy() override;
+@@ -803,7 +806,7 @@ private:
+ GfxTilingPattern(int paintTypeA, int tilingTypeA,
+ double *bboxA, double xStepA, double yStepA,
+ Object *resDictA, double *matrixA,
+- Object *contentStreamA);
++ Object *contentStreamA, int patternRefNumA);
+
+ int paintType;
+ int tilingType;
+@@ -821,7 +824,7 @@ private:
+ class GfxShadingPattern: public GfxPattern {
+ public:
+
+- static GfxShadingPattern *parse(GfxResources *res, Object *patObj, OutputDev *out, GfxState *state);
++ static GfxShadingPattern *parse(GfxResources *res, Object *patObj, OutputDev *out, GfxState *state, int patternRefNum);
+ ~GfxShadingPattern();
+
+ GfxPattern *copy() override;
+@@ -831,7 +834,7 @@ public:
+
+ private:
+
+- GfxShadingPattern(GfxShading *shadingA, double *matrixA);
++ GfxShadingPattern(GfxShading *shadingA, double *matrixA, int patternRefNumA);
+
+ GfxShading *shading;
+ double matrix[6];
+--
+2.14.1
+
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-15565.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-15565.patch
new file mode 100644
index 00000000000..7e4db3f0445
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-15565.patch
@@ -0,0 +1,28 @@
+From 19ebd40547186a8ea6da08c8d8e2a6d6b7e84f5d Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Fri, 13 Oct 2017 00:55:49 +0200
+Subject: [PATCH] CairoOutputDev: Fix crash in broken files
+
+Bug #103016
+---
+ poppler/CairoOutputDev.cc | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/poppler/CairoOutputDev.cc b/poppler/CairoOutputDev.cc
+index ffd39ef7..80f7a99e 100644
+--- a/poppler/CairoOutputDev.cc
++++ b/poppler/CairoOutputDev.cc
+@@ -2714,7 +2714,9 @@ void CairoOutputDev::drawSoftMaskedImage(GfxState *state, Object *ref, Stream *s
+ for (y = 0; y < maskHeight; y++) {
+ maskDest = (unsigned char *) (maskBuffer + y * row_stride);
+ pix = maskImgStr->getLine();
+- maskColorMap->getGrayLine (pix, maskDest, maskWidth);
++ if (likely(pix != nullptr)) {
++ maskColorMap->getGrayLine (pix, maskDest, maskWidth);
++ }
+ }
+
+ maskImgStr->close();
+--
+2.14.1
+
diff --git a/app-text/poppler/poppler-0.57.0-r1.ebuild b/app-text/poppler/poppler-0.57.0-r1.ebuild
index 7cf2072c3af..fe3bf2027de 100644
--- a/app-text/poppler/poppler-0.57.0-r1.ebuild
+++ b/app-text/poppler/poppler-0.57.0-r1.ebuild
@@ -67,6 +67,11 @@ PATCHES=(
"${FILESDIR}/${PN}-0.40-FindQt4.patch"
# Fedora backports from upstream
"${FILESDIR}/${P}-CVE-2017-14517.patch"
+ "${FILESDIR}/${P}-CVE-2017-14926.patch"
+ "${FILESDIR}/${P}-CVE-2017-14927.patch"
+ "${FILESDIR}/${P}-CVE-2017-14928.patch"
+ "${FILESDIR}/${P}-CVE-2017-14929.patch"
+ "${FILESDIR}/${P}-CVE-2017-15565.patch"
)
src_prepare() {