rpms/poppler
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- poppler-0.12.2

Browse Source
This commit is contained in:
Rex Dieter 2009-11-23 21:51:43 +00:00
parent c95f0b46ad
commit ba7344c0ba
4 changed files with 7 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cvsignore
View File

@ -1 +1 @@
poppler-0.12.1.tar.gz poppler-0.12.2.tar.gz

54
poppler-0.12.1-CVE-2009-3607.patch
View File

@ -1,54 +0,0 @@
http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b70609
CVE-2009-3607
diff -pruN poppler-0.12.1.orig/glib/poppler-page.cc poppler-0.12.1/glib/poppler-page.cc
--- poppler-0.12.1.orig/glib/poppler-page.cc 2009-09-09 23:22:31.000000000 +0200
+++ poppler-0.12.1/glib/poppler-page.cc 2009-10-25 18:54:30.000000000 +0100
@@ -609,28 +609,28 @@ create_surface_from_thumbnail_data (guch
gint rowstride)
{
guchar *cairo_pixels;
+ gint cairo_stride;
cairo_surface_t *surface;
- static cairo_user_data_key_t key;
int j;
- cairo_pixels = (guchar *)g_malloc (4 * width * height);
- surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
- CAIRO_FORMAT_RGB24,
- width, height, 4 * width);
- cairo_surface_set_user_data (surface, &key,
- cairo_pixels, (cairo_destroy_func_t)g_free);
+ surface = cairo_image_surface_create (CAIRO_FORMAT_RGB24, width, height);
+ if (cairo_surface_status (surface))
+ return NULL;
+
+ cairo_pixels = cairo_image_surface_get_data (surface);
+ cairo_stride = cairo_image_surface_get_stride (surface);
for (j = height; j; j--) {
guchar *p = data;
guchar *q = cairo_pixels;
guchar *end = p + 3 * width;
-
+
while (p < end) {
#if G_BYTE_ORDER == G_LITTLE_ENDIAN
q[0] = p[2];
q[1] = p[1];
q[2] = p[0];
-#else
+#else
q[1] = p[0];
q[2] = p[1];
q[3] = p[2];
@@ -640,7 +640,7 @@ create_surface_from_thumbnail_data (guch
}
data += rowstride;
- cairo_pixels += 4 * width;
+ cairo_pixels += cairo_stride;
}
return surface;

11
poppler.spec
View File

@ -1,8 +1,8 @@
Summary: PDF rendering library Summary: PDF rendering library
Name: poppler Name: poppler
Version: 0.12.1 Version: 0.12.2
Release: 3%{?dist} Release: 1%{?dist}
License: GPLv2 License: GPLv2
Group: Development/Libraries Group: Development/Libraries
URL: http://poppler.freedesktop.org/ URL: http://poppler.freedesktop.org/
@ -15,9 +15,6 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# for texlive/pdftex, make ObjStream class public # for texlive/pdftex, make ObjStream class public
Patch100: poppler-0.12.1-objstream.patch Patch100: poppler-0.12.1-objstream.patch
# CVE-2009-3607 / c839b70609
Patch162: poppler-0.12.1-CVE-2009-3607.patch
BuildRequires: automake libtool BuildRequires: automake libtool
BuildRequires: cairo-devel >= 1.8.4 BuildRequires: cairo-devel >= 1.8.4
BuildRequires: gtk2-devel BuildRequires: gtk2-devel
@ -121,7 +118,6 @@ converting PDF files to a number of other formats.
%setup -q %setup -q
%patch100 -p1 -b .objstream %patch100 -p1 -b .objstream
%patch162 -p1 -b .CVE-2009-3607
# hammer to nuke rpaths, recheck on new releases # hammer to nuke rpaths, recheck on new releases
autoreconf -i -f autoreconf -i -f
@ -220,6 +216,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Mon Nov 23 2009 Rex Dieter <rdieter@fedoraproject.org> - 0.12.2-1
- poppler-0.12.2
* Sun Oct 25 2009 Rex Dieter <rdieter@fedoraproject.org> - 0.12.1-3 * Sun Oct 25 2009 Rex Dieter <rdieter@fedoraproject.org> - 0.12.1-3
- CVE-2009-3607 poppler: create_surface_from_thumbnail_data - CVE-2009-3607 poppler: create_surface_from_thumbnail_data
integer overflow (#526924) integer overflow (#526924)

2
sources
View File

@ -1 +1 @@
3432046ee111efa5b85e5f2cdde8af5c poppler-0.12.1.tar.gz 60c00b55acf7dd389bf256d178af70bf poppler-0.12.2.tar.gz