Hi, On Sat, Aug 07, 2010 at 03:23:43PM +0100, Neil McGovern wrote: > On Sat, Aug 07, 2010 at 02:59:38AM -0400, Michael Gilbert wrote: > > The plan is to get the poppler issue fixed via NMU as soon as possible, > > which will let 3.02-9 enter testing (that should be automatic?), then > > we will need your OK to upload 3.02-10. > maulkin@cheshire:/home/repos/xpdf$ git diff -r debian/3.02-9..master|diffstat|tail -1 > 277 files changed, 123305 insertions(+), 212 deletions(-) > > This seems to be quite a large diff, perhaps I'm not extracting it > properly. Could you attach a diff for us? Well... diff is huge for real :-) The major change was for fixing security issues by replacing code by poppler. Anyway, * This was in unstable over 10 days before freeze. No major complain except known existed and unfixed issues. #427632 #512381 * It closed over 50 bugs and closed all security issues inherent to PDF rendering by offloading it to an external good library libpoppler5. * The sole reason not accepted to testing was hostile dependency declaration by poppler-utils http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=586620 xpdf-utils depends on poppler-utils to enable user migration to poppler-utils but poppler-utils still conflicts with xpdf-utils. * Unlike evince, xpdf does not read all PDF file into memory which makes this xpdf quite useful for some people still. * There is no package depending on xpdf. (except non-significant wiipdf) I am the uploader/sponsor of this. This is a major package reorganization from previous one (-2). There was a change from 1.0 format to 3.0 format, too. Basically, xpdf skin is kept but core of PDF routines was substituted by the library offered by better maintained poppler package. So this solved many security issues plaguing xpdf. poppler is more actively maintained and has less security issues than the old code base in xpdf. This trick is done by debian/rules having : prepare:: mkdir -p build cp goo/parseargs.* xpdf/CoreOutputDev.* xpdf/GlobalParams.* build cp xpdf/PDFCore.* xpdf/XPDFApp.* xpdf/XPDFCore.* xpdf/XPDFTree.* build cp xpdf/XPDFTreeP.h xpdf/XPDFViewer.* xpdf/xpdf.cc build # perform extensive goo rename (as required by poppler) sed -i s/GString/GooString/g build/* sed -i s/GMutex/GooMutex/g build/* sed -i s/GHash/GooHash/g build/* sed -i s/GList/GooList/g build/* sed -i s/\<aconf\.h\>/\<poppler-config\.h\>/g build/* cp xpdf/config.h xpdf/about-text.h xpdf/*.xbm xpdf/xpdfIcon.xpm build So we build in "build" directory with patched source. And we do not build all other part of xpdf package since those tools are provided by poppler and better shape. So xpdf-reader and xpdf-utils are all dummy packages. There are also many bug fix patches applied to the original source. Mostly taken from other distribution etc. There are many of such in debian/patches. The easiest way to check changes are cloning git repo and browse it. Vcs-Browser: http://git.debian.org/?p=collab-maint/xpdf.git Vcs-Git: git://git.debian.org/collab-maint/xpdf.git Check tag: new package osamu/deban/3.02-9 and previous upload debian/3.02-1.4 I wish this git repo was a bit more readable and cleaner history for you to read. (Michael and I had few miscommunication and unfinished topic branch was inadvertently merged. My suggestion to rebase was rejected etc.) Please let us know what it takes to get accepted such as creating git repo with cleaner history. (Michael, if we get this version accepted, we still need to make minor changes.) Osamu
Attachment:
signature.asc
Description: Digital signature