Your message dated Mon, 10 Dec 2012 23:00:33 +0100 with message-id <20121210220033.GL5634@radis.cristau.org> and subject line Re: Bug#694470: unblock (pre-approval): poppler/0.18.4-4 has caused the Debian Bug report #694470, regarding unblock (pre-approval): poppler/0.18.4-4 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 694470: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694470 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock (pre-approval): poppler/0.18.4-4
- From: Pino Toscano <pino@debian.org>
- Date: Mon, 26 Nov 2012 18:01:40 +0100
- Message-id: <20121126170140.6934.97169.reportbug@drak>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Hi, I would like to upload poppler 0.18.4-4 with the following two changes: - backport an upstream commit to fix #693817 (wrong string manipulation in some cases, leads to xpdf bug #649047) - b-d on libcairo2-doc to fix cross-references to cairo methods in the poppler-glib apidox Attached the current diff out of the packaging repo of the changes above. Thanks, -- Pinodiff --git a/debian/changelog b/debian/changelog index f99e452..b0ab017 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +poppler (0.18.4-4) UNRELEASED; urgency=low + + [ Pino Toscano ] + * Backport upstream commit 7ba15d11e56175601104d125d5e4a47619c224bf to fix + GooString::insert; patch upstream_fix-GooString-insert.patch. + (Closes: #693817) + * Add a libcairo2-doc build dependency to fix cross-references to cairo + methods in the poppler-glib apidox. + + -- Pino Toscano <pino@debian.org> Mon, 26 Nov 2012 14:54:05 +0100 + poppler (0.18.4-3) unstable; urgency=low * Finally drop the libfontconfig1-dev dependency from libpoppler-dev, diff --git a/debian/control b/debian/control index 14ea239..4eab85e 100644 --- a/debian/control +++ b/debian/control @@ -24,7 +24,8 @@ Build-Depends: debhelper (>= 9), pkg-config (>= 0.18), libgirepository1.0-dev (>= 1.31.0-2~), gobject-introspection (>= 1.31.0-2~), - libglib2.0-doc + libglib2.0-doc, + libcairo2-doc Standards-Version: 3.9.3 Homepage: http://poppler.freedesktop.org/ Vcs-Git: git://git.debian.org/pkg-freedesktop/poppler.git diff --git a/debian/patches/series b/debian/patches/series index d1150f3..bab73a2 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ ltmain-as-needed.diff upstream_cairo-use-correct-userfont-font-bbox.patch upstream_pdfinfo-decode-utf-16-surrogate-pairs.patch upstream_Change-nnnnnn-to-number.patch +upstream_fix-GooString-insert.patch diff --git a/debian/patches/upstream_fix-GooString-insert.patch b/debian/patches/upstream_fix-GooString-insert.patch new file mode 100644 index 0000000..5398863 --- /dev/null +++ b/debian/patches/upstream_fix-GooString-insert.patch @@ -0,0 +1,44 @@ +From 7ba15d11e56175601104d125d5e4a47619c224bf Mon Sep 17 00:00:00 2001 +From: Pino Toscano <pino@kde.org> +Date: Mon, 26 Nov 2012 00:29:35 +0100 +Subject: [PATCH] fix GooString::insert() + +Hi, + +as reported in a Debian bug [1], it seems GooString::insert could lead +to using uninitialized memory. +The case is a simple: + GooString goo; + goo.insert(0, "."); + goo.insert(0, "This is a very long long test string"); +i.e. basically first insert a single character at position 0, and then a +string longer than STR_STATIC_SIZE always at position 0. + +[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693817 +--- + goo/GooString.cc | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/goo/GooString.cc b/goo/GooString.cc +index 451a70e..e52380e 100644 +--- a/goo/GooString.cc ++++ b/goo/GooString.cc +@@ -640,14 +640,12 @@ GooString *GooString::insert(int i, GooString *str) { + } + + GooString *GooString::insert(int i, const char *str, int lengthA) { +- int j; + int prevLen = length; + if (CALC_STRING_LEN == lengthA) + lengthA = strlen(str); + + resize(length + lengthA); +- for (j = prevLen; j >= i; --j) +- s[j+lengthA] = s[j]; ++ memmove(s+i+lengthA, s+i, prevLen); + memcpy(s+i, str, lengthA); + return this; + } +-- +1.7.10.4 +
--- End Message ---
--- Begin Message ---
- To: Pino Toscano <pino@debian.org>, 694470-done@bugs.debian.org
- Subject: Re: Bug#694470: unblock (pre-approval): poppler/0.18.4-4
- From: Julien Cristau <jcristau@debian.org>
- Date: Mon, 10 Dec 2012 23:00:33 +0100
- Message-id: <20121210220033.GL5634@radis.cristau.org>
- In-reply-to: <201211271820.38742.pino@debian.org>
- References: <20121126170140.6934.97169.reportbug@drak> <20121126215943.GC5634@radis.cristau.org> <201211271820.38742.pino@debian.org>
On Tue, Nov 27, 2012 at 18:20:33 +0100, Pino Toscano wrote: > Thanks, uploaded with an improved version of the patch (the previous one > had a little bug, fixed with the new version). > Unblocked. Cheers, JulienAttachment: signature.asc
Description: Digital signature
--- End Message ---