
Bug#592055: xpdf: freeze exception



Hi,

On Sat, Aug 07, 2010 at 03:23:43PM +0100, Neil McGovern wrote:
> On Sat, Aug 07, 2010 at 02:59:38AM -0400, Michael Gilbert wrote:
> > The plan is to get the poppler issue fixed via NMU as soon as possible,
> > which will let 3.02-9 enter testing (that should be automatic?), then
> > we will need your OK to upload 3.02-10.
> maulkin@cheshire:/home/repos/xpdf$ git diff -r debian/3.02-9..master|diffstat|tail -1
>  277 files changed, 123305 insertions(+), 212 deletions(-)
> 
> This seems to be quite a large diff, perhaps I'm not extracting it
> properly. Could you attach a diff for us?

Well... the diff is huge for real :-)

The major change was to fix security issues by replacing code with
poppler.

Anyway, 
 * This was in unstable for over 10 days before the freeze.  No major
   complaints except known, existing and unfixed issues.  #427632 #512381
 * It closed over 50 bugs and closed all security issues inherent to PDF 
   rendering by offloading it to an external good library libpoppler5.
 * The sole reason it was not accepted into testing was the hostile
   dependency declaration by poppler-utils
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=586620
     xpdf-utils depends on poppler-utils to enable user migration to 
     poppler-utils but poppler-utils still conflicts with xpdf-utils.
 * Unlike evince, xpdf does not read the whole PDF file into memory, which
   makes this xpdf still quite useful for some people.
 * There is no package depending on xpdf. (except the non-significant wiipdf)

I am the uploader/sponsor of this.  This is a major package reorganization from
the previous one (-2).  There was a change from 1.0 format to 3.0 format, too.

Basically, the xpdf skin is kept but the core of the PDF routines was replaced
by the library offered by the better maintained poppler package.  So this
solved many security issues plaguing xpdf.

poppler is more actively maintained and has fewer security issues than
the old code base in xpdf.

This trick is done by debian/rules having:

prepare::
        mkdir -p build
        cp goo/parseargs.* xpdf/CoreOutputDev.* xpdf/GlobalParams.* build
        cp xpdf/PDFCore.* xpdf/XPDFApp.* xpdf/XPDFCore.* xpdf/XPDFTree.* build
        cp xpdf/XPDFTreeP.h xpdf/XPDFViewer.* xpdf/xpdf.cc build
        
        # perform extensive goo rename (as required by poppler)
        sed -i s/GString/GooString/g build/*
        sed -i s/GMutex/GooMutex/g build/*
        sed -i s/GHash/GooHash/g build/*
        sed -i s/GList/GooList/g build/*
        sed -i s/\<aconf\.h\>/\<poppler-config\.h\>/g build/*
        cp xpdf/config.h xpdf/about-text.h xpdf/*.xbm xpdf/xpdfIcon.xpm build

So we build in the "build" directory with the patched source.

And we do not build any of the other parts of the xpdf package since those
tools are provided by poppler and are in better shape.  So xpdf-reader and
xpdf-utils are all dummy packages.

There are also many bug fix patches applied to the original source, mostly
taken from other distributions etc. There are many of these in debian/patches.

The easiest way to check the changes is to clone the git repo and browse it.
 Vcs-Browser: http://git.debian.org/?p=collab-maint/xpdf.git
 Vcs-Git: git://git.debian.org/collab-maint/xpdf.git
 Check tag: new package osamu/deban/3.02-9 and previous upload debian/3.02-1.4

I wish this git repo were a bit more readable, with a cleaner history for you
to read.  (Michael and I had a few miscommunications and an unfinished topic
branch was inadvertently merged.  My suggestion to rebase was rejected etc.)

Please let us know what it takes to get this accepted, such as creating a git
repo with a cleaner history.

(Michael, if we get this version accepted, we still need to make minor
changes.)

Osamu
