Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-text/xpdf
Commit message (Collapse)AuthorAgeFilesLines
* app-text/xpdf: remove old and vulnerable versionAndrew Savchenko2019-03-212-117/+0
| | | | | | | Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
* app-text/xpdf: security version bumpAndrew Savchenko2019-03-212-0/+114
| | | | | | | | | | | | | | | | | | | | | | | | | xpdf-4.01.01 fixes several vulnerabilities and problems reported by Loginsoft, including CVE-2019-9589. CVE-2019-9588 and CVE-2019-9587 are probably fixed as well, but it is not clear from ChangeLog: The PDFDoc(BaseStream) initializer wasn't working correctly. Fixed a missing array bounds check in PSOutputDev. [Thanks to Loginsoft for the bug report.] ^-- CVE-2019-9589 If the "U" string used for RC4 decryption is short, Adobe apparently zero-pads it, so Xpdf now does the same. ^-- Maybe CVE-2019-9588 Pdffonts now checks more carefully for loops between objects. ^-- Looks like CVE-2019-9587 Fixed a problem parsing large real numbers. [Thanks to Loginsoft for the bug report.] Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
* app-text/xpdf: re-add to the treeAndrew Savchenko2019-03-126-0/+246
Xpdf is back on track again with modern interface and active development :) Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>