dwww Home | Show directory contents | Find package

poppler (24.02.0-1ubuntu9.9) noble-security; urgency=medium

  * SECURITY UPDATE: integer overflow in Splash backend
    - debian/patches/CVE-2026-10118.patch: SplashOutputDev: Fix integer overflow
      in tilingPatternFill in poppler/SplashOutputDev.cc.
    - CVE-2026-10118

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 04 Jun 2026 10:46:44 -0400

poppler (24.02.0-1ubuntu9.8) noble-security; urgency=medium

  * SECURITY UPDATE: User after free
    - debian/patches/CVE-2025-52885.patch: check for duplicate
      entries in poppler/StructTreeRoot.cc.
    - CVE-2025-52885

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Mon, 03 Nov 2025 07:57:48 -0300

poppler (24.02.0-1ubuntu9.7) noble-security; urgency=medium

  * SECURITY UPDATE: stack consumption via metadata
    - debian/patches/CVE-2025-43718.patch: make sure regex doesn't stack
      overflow by limiting it in poppler/PDFDoc.cc.
    - CVE-2025-43718

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 03 Oct 2025 07:36:12 -0400

poppler (24.02.0-1ubuntu9.6) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2025-50420.patch: don't continue
      recursing in PDFDoc in poppler/PDFDoc.cc.
    - CVE-2025-50420

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Tue, 12 Aug 2025 12:43:49 -0300

poppler (24.02.0-1ubuntu9.5) noble-security; urgency=medium

  * SECURITY UPDATE: DoS via reference count overflow
    - debian/patches/CVE-2025-52886.patch: limit amount of annots per
      document/page in poppler/Annot.cc, poppler/Page.cc.
    - CVE-2025-52886

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 25 Jul 2025 11:20:42 -0400

poppler (24.02.0-1ubuntu9.4) noble-security; urgency=medium

  * SECURITY UPDATE: signature validation
    - debian/patches/CVE-2025-43903.patch: Properly verify adbe.pkcs7.sha1
      signatures.
    - CVE-2025-43903

 -- Fabian Toepfer <fabian.toepfer@canonical.com>  Thu, 24 Apr 2025 14:59:17 +0200

poppler (24.02.0-1ubuntu9.3) noble-security; urgency=medium

  * SECURITY UPDATE: DoS via floating point exception
    - debian/patches/CVE-2025-32364.patch: protect against doing int =
      -INT_MIN in poppler/Function.cc.
    - CVE-2025-32364
  * SECURITY UPDATE: DoS in JBIG2Bitmap::combine function
    - debian/patches/CVE-2025-32365.patch: move isOk check to inside
      JBIG2Bitmap::combine in poppler/JBIG2Stream.cc.
    - CVE-2025-32365

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 07 Apr 2025 12:18:03 -0400

poppler (24.02.0-1ubuntu9.2) noble-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read in pdf file parsing.
    - debian/patches/CVE-2024-56378.patch: Add checks to unlikely and destPtr
      in poppler/JBIG2Stream.cc.
    - CVE-2024-56378

 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Tue, 14 Jan 2025 12:26:08 -0330

poppler (24.02.0-1ubuntu9.1) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-6239.patch: fix crash in broken
      documents when using -dests in utils/pdfinfo.c.
    - CVE-2024-6239

 -- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>  Wed, 26 Jun 2024 09:54:47 -0300

poppler (24.02.0-1ubuntu9) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sun, 31 Mar 2024 06:48:42 +0000

poppler (24.02.0-1ubuntu8) noble; urgency=medium

  * Rename libraries for 64-bit time_t transition.  Closes: #1064282
    (import changes from 22.12.0-2.1 and 22.12.0-2.2)

 -- Benjamin Drung <bdrung@ubuntu.com>  Wed, 20 Mar 2024 13:51:25 +0100

poppler (24.02.0-1ubuntu7) noble; urgency=medium

  * No-change rebuild against libcurl3t64-gnutls

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sat, 16 Mar 2024 07:15:29 +0000

poppler (24.02.0-1ubuntu6) noble; urgency=medium

  * No-change rebuild against libqt5core5t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 15 Mar 2024 06:31:06 +0000

poppler (24.02.0-1ubuntu5) noble; urgency=medium

  * No-change rebuild for archive consistency

 -- Steve Langasek <steve.langasek@ubuntu.com>  Tue, 12 Mar 2024 23:20:47 +0000

poppler (24.02.0-1ubuntu4) noble; urgency=medium

  * No-change rebuild against libglib2.0-0t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Mon, 11 Mar 2024 23:30:00 +0000

poppler (24.02.0-1ubuntu3) noble; urgency=medium

  * No-change rebuild against libpng16-16t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Thu, 29 Feb 2024 07:51:49 +0000

poppler (24.02.0-1ubuntu2) noble; urgency=medium

  * Don't run qt6 autopkgtest on i386

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 18 Feb 2024 19:36:59 -0500

poppler (24.02.0-1ubuntu1) noble; urgency=medium

  * Merge with Debian. Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there

 -- Amin Bandali <bandali@ubuntu.com>  Fri, 16 Feb 2024 13:44:00 -0500

poppler (24.02.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler134 to match soname
  * debian/copyright: Update path of a moved file

 -- Amin Bandali <bandali@ubuntu.com>  Tue, 13 Feb 2024 11:59:19 -0500

poppler (23.12.0-1ubuntu2) noble; urgency=medium

  * Fix i386 build with new poppler

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 03 Dec 2023 20:04:08 -0500

poppler (23.12.0-1ubuntu1) noble; urgency=medium

  * Merge with Debian. Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 03 Dec 2023 19:54:11 -0500

poppler (23.12.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler133 to match soname
  * Add new symbols to symbols files
  * Build-Depend on libcurl4-gnutls-dev

 -- Jeremy Bícha <jbicha@ubuntu.com>  Fri, 01 Dec 2023 10:08:39 -0500

poppler (23.08.0-2ubuntu1) mantic; urgency=medium

  * Merge from Debian experimental (LP: #2031572).  Remaining change:
    - Don't build qt6 library on i386 since qt6 isn't available on
      Ubuntu there
  * Drop debian/patches/CVE-2023-34872.patch, fixed upstream.

 -- Amin Bandali <bandali@ubuntu.com>  Wed, 16 Aug 2023 18:31:57 -0400

poppler (23.08.0-2) experimental; urgency=medium

  * Team upload

  [ Jeremy Bicha ]
  * Explicitly disable gpg support for now

  [ Amin Bandali ]
  * 23.08.0 upstream release addresses CVE-2023-34872 (Closes: #1042811)
  * debian/rules: Opt into LTO (to minimize symbols diff with Ubuntu)
  * Drop most optional symbols from libpoppler-qt5-1 and libpoppler-qt6-3

 -- Amin Bandali <bandali@ubuntu.com>  Wed, 16 Aug 2023 10:20:27 -0400

poppler (23.08.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release (Closes: #969907)
  * Update library name to libpoppler130 to match soname
  * Address some lintian error and warnings:
    - E: libpoppler-private-dev: depends-on-obsolete-package
      Suggests: libfreetype6-dev => libfreetype-dev
    - W: poppler source: build-depends-on-obsolete-package
      Build-Depends: libfontconfig1-dev => libfontconfig-dev
    - W: poppler source: build-depends-on-obsolete-package
      Build-Depends: libfreetype6-dev => libfreetype-dev
  * Update standards version to 4.6.2, no changes needed
  * Update minimum version of several Build-Depends and Depends
    per upstream

 -- Amin Bandali <bandali@ubuntu.com>  Thu, 10 Aug 2023 17:27:57 -0400

poppler (22.12.0-2ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: DoS via crafted PDF file
    - debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
    - CVE-2023-34872

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 02 Aug 2023 14:49:30 -0400

poppler (22.12.0-2ubuntu1) lunar; urgency=medium

  * Merge with Debian. Remaining change:
  * Don't build qt6 library on i386 since qt6 isn't available on Ubuntu there

 -- Jeremy Bicha <jbicha@ubuntu.com>  Sat, 04 Feb 2023 19:24:11 -0500

poppler (22.12.0-2) unstable; urgency=medium

  * Team upload
  * Release to unstable

 -- Jeremy Bicha <jbicha@ubuntu.com>  Tue, 10 Jan 2023 16:36:05 -0500

poppler (22.12.0-1ubuntu2) lunar; urgency=medium

  * Rebuild

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 16 Dec 2022 16:50:58 -0500

poppler (22.12.0-1ubuntu1) lunar; urgency=medium

  * Don't build QT6 library on i386 since QT6 isn't available on Ubuntu there

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 16 Dec 2022 10:28:11 -0500

poppler (22.12.0-1) experimental; urgency=medium

  * Team upload

  [ Nathan Pratta Teodosio ]
  * New upstream release
  * Update library name to libpoppler126 to match soname

  [ Jeremy Bicha ]
  * Fix qt6 autopkgtest
  * debian/control: Set Rules-Requires-Root: no

 -- Nathan Pratta Teodosio <nathan.teodosio@canonical.com>  Mon, 12 Dec 2022 14:16:40 -0300

poppler (22.11.0-1) experimental; urgency=medium

  [ Jeremy Bicha ]
  * New upstream release
  * Update library name to libpoppler125 to match soname
  * Add Qt6 library (Closes: #1008990)
  * Update links in debian/upstream/metadata
  * Drop all patches: applied in new release
  * Drop obsolete Breaks added long ago to fix 774949
  * Run dh_auto_test but ignore test failures for now because of missing
    test files

  [ Debian Janitor ]
  * Trim trailing whitespace
  * Set upstream metadata fields
  * Remove obsolete field Name from debian/upstream/metadata
  * Update standards version to 4.6.1, no changes needed.
  * Apply multi-arch hints. + libpoppler-glib-doc: Add Multi-Arch: foreign.

 -- Jeremy Bicha <jbicha@ubuntu.com>  Tue, 01 Nov 2022 15:15:59 +0100

poppler (22.08.0-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * JBIG2Stream: Fix crash on broken file (CVE-2022-38784) (Closes: #1018971)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 03 Sep 2022 21:30:51 +0200

poppler (22.08.0-2) unstable; urgency=medium

  * Team upload
  * Upload to unstable

 -- Jeremy Bicha <jbicha@ubuntu.com>  Sun, 21 Aug 2022 13:13:33 -0400

poppler (22.08.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler123 to match soname
  * debian/libpoppler-glib8.symbols.in: Add new symbols

 -- Jeremy Bicha <jbicha@ubuntu.com>  Wed, 10 Aug 2022 10:04:47 -0400

poppler (22.06.0-1) experimental; urgency=medium

  * New upstream version
  * libpoppler118->libpoppler122

 -- Nathan Pratta Teodosio <nathan.teodosio@canonical.com>  Thu, 09 Jun 2022 21:47:08 -0300

poppler (22.02.0-1) experimental; urgency=medium

  * Team upload
  * New upstream release
  * Update library name to libpoppler118 to match soname
  * Add new symbols to our symbols files
  * debian/rules: Set DPKG_GENSYMBOLS_CHECK_LEVEL = 4
  * Set debhelper-compat to 13
  * Lots of minor packaging cleanup

 -- Jeremy Bicha <jeremy.bicha@canonical.com>  Fri, 04 Feb 2022 09:18:41 -0500

poppler (21.11.0-1) experimental; urgency=medium

  * New upstream version
  * Updated for the soname change
  * Refreshed symbols for the new version

 -- Sebastien Bacher <seb128@ubuntu.com>  Tue, 02 Nov 2021 10:17:01 +0100

poppler (21.06.1-1) experimental; urgency=medium

  * New upstream version

 -- Sebastien Bacher <seb128@ubuntu.com>  Mon, 21 Jun 2021 16:27:09 +0200

poppler (21.06.0-1) experimental; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control:
    - updated glib requirement
  * Updated symbols for the new version

 -- Sebastien Bacher <seb128@debian.org>  Thu, 03 Jun 2021 12:23:29 +0200

poppler (21.02.0-1) experimental; urgency=medium

  * New upstream version, updated for the soname change
  * debian/control:
    - build-depends on libgdk-pixbuf-2.0-dev and libgtk-3-dev
    - updated standards version
  * debian/libpoppler-dev.install:
    - remove deprecated .pc for the list of files to install

 -- Sebastien Bacher <seb128@ubuntu.com>  Tue, 23 Feb 2021 15:40:38 +0100

poppler (20.09.0-3.1) unstable; urgency=medium

  * debian/tests: make autopkgtests cross-test-friendly (Closes: #969726)

  [ Gianfranco Costamagna ]
  * add some optional symbols that appears/disappears when the source is
    built with -O3

 -- Sebastien Bacher <seb128@ubuntu.com>  Thu, 21 Jan 2021 16:40:36 +0100

poppler (20.09.0-3) unstable; urgency=medium

  * debian/tests: build with -Wno-deprecated-declarations, so that we don't
    fail if an rdep deprecates some symbols. Closes: #973538.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Tue, 03 Nov 2020 13:27:06 +0100

poppler (20.09.0-2) unstable; urgency=medium

  * Add new optional symbols generated by the new toolchain.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Thu, 03 Sep 2020 21:12:14 +0200

poppler (20.09.0-1) unstable; urgency=medium

  * New upstream release.
  * Update libpoppler-glib8's symbols.
  * Make debian/copyright follow DEP-5.
  * License is GPL-2 | GPL-3 since the update to Xpdf 3.03 (see README-XPDF),
    update license information in debian/copyright accordingly.
  * Upload to unstable.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Thu, 03 Sep 2020 18:29:28 +0200

poppler (20.08.0-1) experimental; urgency=medium

  * New upstream release.
  * debian/watch: use https to fix redirect error.
  * Update symbols files.
  * libpoppler95 -> libpoppler102.
  * Build with boost headers. Closes: #955455.
  * Update copyright holders.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Thu, 20 Aug 2020 11:02:05 +0200

poppler (0.85.0-2) unstable; urgency=medium

  * Upload to unstable.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Tue, 18 Aug 2020 11:56:38 +0200

poppler (0.85.0-1) experimental; urgency=medium

  [ Andreas Henriksson ]
  * New upstream release.
  * libpoppler91 -> libpoppler95
  * Revert "Silence deprecation warnings for GTime, fixing autopkgtest"
    - merged upstream, now part of upstream release.
  * Update symbols

  [ Philip Withnall ]
  * Add python3:any to build deps as it’s used in `make-glib-api-docs` script.
    Closes: #947327.

  [ Emilio Pozuelo Monfort ]
  * Replace ADTTMP variable with AUTOPKGTEST_TMP.
  * Update copyright holders.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Wed, 19 Feb 2020 18:50:58 +0100

poppler (0.81.0-1) experimental; urgency=medium

  * New upstream release. Closes: #924617.
  * Remove patches applied upstream.
  * libpoppler82 -> libpoppler91.
  * Update cmake flag for the unstable headers.
  * Update README filename.
  * Update symbols files.
  * Update copyright holders.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Fri, 04 Oct 2019 12:45:27 +0200

poppler (0.71.0-6) unstable; urgency=medium

  [ Simon McVittie ]
  * d/p/Silence-deprecation-warnings-for-PopplerAttachment-c.patch:
    Silence deprecation warnings for GTime, fixing autopkgtest
    (Closes: #941718)

  [ Emilio Pozuelo Monfort ]
  * Remove Joss from uploaders, thanks for all the work! Closes: #930163.

 -- Emilio Pozuelo Monfort <pochu@debian.org>  Fri, 04 Oct 2019 11:32:23 +0200

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libpoppler134`.

Generated by dwww version 1.16 on Sat Jul 11 08:18:38 CEST 2026.