poppler (0.4.5-5.1etch3maemo1+0m5) unstable; urgency=low

  * This entry has been added by BIFH queue processor
    Suffix +0m5 added to package revision

 -- Juha Kallioinen <juha.kallioinen@nokia.com>  Tue, 09 Feb 2010 13:36:53 +0200

poppler (0.4.5-5.1etch3maemo1) unstable; urgency=low

  * Applied security patch CVE-2008-1693
  * Disabled warning about deprecated string conversion
  * Fixes: NB#146295

 -- Juha Kallioinen <juha.kallioinen@nokia.com>  Tue, 09 Feb 2010 12:15:21 +0200

poppler (0.4.5-5.1etch2maemo3) unstable; urgency=low

  * Compat level increased to 5
  * Fixes NB#118369 Creates -dbg packages for libpoppler0c2 and libpoppler0c2-glib

 -- Juha Kallioinen <juha.kallioinen@nokia.com>  Mon, 29 Jun 2009 16:19:06 +0300

poppler (0.4.5-5.1etch2maemo2) unstable; urgency=low

  * Add libjpeg62-dev to build dependencies

 -- Jussi Hakala <ext-jussi.hakala@nokia.com>  Thu, 03 Apr 2008 14:15:06 +0300

poppler (0.4.5-5.1etch2maemo1) unstable; urgency=low

  * Disable qt support
  * Set maintainer to integration@maemo.org

 -- Jussi Hakala <ext-jussi.hakala@nokia.com>  Wed, 19 Mar 2008 16:58:42 +0200

poppler (0.4.5-5.1etch2) stable-security; urgency=high

  * Fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393

 -- Moritz Muehlenhoff <jmm@debian.org>  Mon, 21 Jan 2008 18:10:27 +0100

poppler (0.4.5-5.1etch1) stable-security; urgency=high

  * Fix integer overflow in stream predictor (CVE-2007-3387).

 -- Moritz Muehlenhoff <jmm@debian.org>  Fri,  3 Aug 2007 17:47:47 +0200

poppler (0.4.5-5.1) unstable; urgency=high

  * Non-maintainer upload with approval of the maintainer.
  * SECURITY UPDATE: Denial of Service.
  * New patch, 108_CVE-2007-0104; limits recursion depth of the parsing tree to
    100 to avoid infinite loop with crafted documents; CVE-2007-0104; from
    Ubuntu's 0.4.2-0ubuntu6.8; originally taken from koffice security update;
    closes: #407600.

 -- Loic Minier <lool@dooz.org>  Sat, 20 Jan 2007 00:12:49 +0100

poppler (0.4.5-5) unstable; urgency=low

  * Acknowledge NMU (Closes: #375332)
  * Add versioned conflict on pdftohtml (Closes: #393162)

 -- Ondřej Surý <ondrej@debian.org>  Tue, 24 Oct 2006 10:09:19 +0200

poppler (0.4.5-4.1) unstable; urgency=low

  * Non-maintainer upload.
  * Backport SplashFTFont.cc from 0.5.2; fixes FTBFS with Freetype 2.2.
    (Closes: #373991)

 -- Steinar H. Gunderson <sesse@debian.org>  Sun, 25 Jun 2006 11:55:39 +0200

poppler (0.4.5-4) unstable; urgency=low

  * Fix FTBFS with gcc 4.1 (Closes: #357479)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 17 Mar 2006 17:13:33 +0100

poppler (0.4.5-3) unstable; urgency=low

  * Disable cairo output for unstable, cairo rendering will stay
    enabled in cairo version in experimental.
    (Closes: #349371, #347652, #348511, #348869, #348980, #347423, #340379, #351070, #353444)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 22 Feb 2006 09:36:36 +0100

poppler (0.4.5-2) unstable; urgency=high

  * Add debian/patches/003-xpdf-3.01pl2.patch
    - Security fixes from Derek Noonburg (follows CVE-2006-0301)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 15 Feb 2006 11:16:40 +0100

poppler (0.4.5-1) unstable; urgency=high

  * New upstream security release
    - fixes CVE-2006-0301

 -- Ondřej Surý <ondrej@debian.org>  Sun, 12 Feb 2006 20:34:47 +0100

poppler (0.4.4-2) unstable; urgency=low

  * Remove debian/patches/001_relibtoolize.patch
    + Relibtoolizing is needed because of 000_add-poppler-utils.patch
      which modifies Makefile.am (Closes: 348714)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 18 Jan 2006 22:07:55 +0100

poppler (0.4.4-1) unstable; urgency=high

  * New upstream security release
    - fixes CVE-2005-3624, CVE-2005-3625, CVE-2005-3627
  * Remove debian/patches/003-CVE-2005-3624_5_7.patch:
    - Merged upstream
  * Remove debian/patches/004-fix-CVE-2005-3192.patch:
    - Merged upstream
  * Remove debian/patches/001-relibtoolize.patch
    - Upstream uses recent libtool

 -- Ondřej Surý <ondrej@debian.org>  Thu, 12 Jan 2006 20:40:27 +0100

poppler (0.4.3-3) unstable; urgency=low

  * Fix missing libcairo2-dev dependency (Closes: #346277)

 -- Ondřej Surý <ondrej@debian.org>  Fri,  6 Jan 2006 21:37:10 +0100

poppler (0.4.3-2) unstable; urgency=high

  [ Martin Pitt ]
  * SECURITY UPDATE: Multiple integer/buffer overflows.
  * Add debian/patches/003-CVE-2005-3624_5_7.patch:
    - poppler/Stream.cc, CCITTFaxStream::CCITTFaxStream():
      + Check columns for negative or large values.
      + CVE-2005-3624
    - poppler/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
      + Reset numComps to 0 since it's a global variable that is used later.
      + CVE-2005-3627
    - poppler/Stream.cc, DCTStream::readHuffmanTables():
      + Fix out of bounds array access in Huffman tables.
      + CVE-2005-3627
    - poppler/Stream.cc, DCTStream::readMarker():
      + Check for EOF in while loop to prevent endless loops.
      + CVE-2005-3625
    - poppler/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(),
      JBIG2Bitmap::expand(), JBIG2Stream::readHalftoneRegionSeg():
      + Check user supplied width and height against invalid values.
      + Allocate one extra byte to prevent out of bounds access in combine().
  * Add debian/patches/004-fix-CVE-2005-3192.patch:
    - Fix nVals int overflow check in StreamPredictor::StreamPredictor().
    - Forwarded upstream to https://bugs.freedesktop.org/show_bug.cgi?id=5514.

  [ Ondřej Surý ]
  * Merge changes from Ubuntu (Closes: #346076).
  * Enable Cairo output again.

 -- Ondřej Surý <ondrej@debian.org>  Thu,  5 Jan 2006 14:54:44 +0100

poppler (0.4.3-1) unstable; urgency=high

  * New upstream release.
  * New maintainer (Closes: #344738)
  * CVE-2005-3191 and CAN-2005-2097 fixes merged upstream.
  * Fixed some rendering bugs and disabled Cairo output
    (Closes: #314556, #322964, #328211)
  * Acknowledge NMU (Closes: #342288)
  * Add 001-selection-crash-bug.patch (Closes: #330544)
  * Add poppler-utils (merge patch from Ubuntu)

 -- Ondřej Surý <ondrej@sury.org>  Fri, 30 Dec 2005 11:34:07 +0100

poppler (0.4.2-1.1) unstable; urgency=high

  * SECURITY UPDATE: Multiple integer/buffer overflows.

  * NMU to fix RC security bug (closes: #342288)
  * Add debian/patches/04_CVE-2005-3191_2_3.patch taken from Ubuntu,
    thanks to Martin Pitt:
  * poppler/Stream.cc, DCTStream::readBaselineSOF(),
    DCTStream::readProgressiveSOF(), DCTStream::readScanInfo():
    - Check numComps for invalid values.
    - http://www.idefense.com/application/poi/display?id=342&type=vulnerabilities
    - CVE-2005-3191
  * poppler/Stream.cc, StreamPredictor::StreamPredictor():
    - Check rowBytes for invalid values.
    - http://www.idefense.com/application/poi/display?id=344&type=vulnerabilities
    - CVE-2005-3192
   * poppler/JPXStream.cc, JPXStream::readCodestream():
     - Check img.nXTiles * img.nYTiles for integer overflow.
     - http://www.idefense.com/application/poi/display?id=345&type=vulnerabilities
     - CVE-2005-3193

 -- Frank Küster <frank@debian.org>  Fri, 23 Dec 2005 16:36:30 +0100

poppler (0.4.2-1) unstable; urgency=low

  * GNOME Team upload.
  * New upstream version.
  * debian/control.in:
    - updated the Build-Depends on libqt (Closes: #326130).
  * debian/rules:
    - updated the shlibs.

 -- Sebastien Bacher <seb128@debian.org>  Wed,  7 Sep 2005 12:41:48 +0200

poppler (0.4.0-1) unstable; urgency=low

  * GNOME Team Upload.
  * Rebuild for the CPP transition.
  * New upstream version (Closes: #311133):
    - fix some crashers (Closes: #315590, #312261, #309410).
    - fix some rendering defaults (Closes: #314441, #315383, #309697, #308785).
  * debian/control.in, debian/rules:
    - build with the current cairo version (Closes: #321368, #318293).
    - update for the renamed the packages.
  * debian/patches/01_CAN-2005-2097.patch:
    - Patch from Ubuntu, thanks Martin Pitt.
    - Check sanity of the TrueType "loca" table. Specially crafted broken
      tables caused disk space exhaustion due to very large generated glyph
      descriptions when attempting to fix the table.
    - Upstream patch scheduled for xpdf 3.01.
    - CAN-2005-2097
  * debian/watch:
    - fixed, patch by Jerome Warnier <jwarnier@beeznest.net> (Closes: #310996).
  
 -- Sebastien Bacher <seb128@debian.org>  Wed, 17 Aug 2005 21:54:07 +0200

poppler (0.3.1-1) unstable; urgency=low

  * New upstream release
  * Upstream fixed the Qt build bug, so now I can enable Qt
    build. (Closes:#307340) It leads two new binary packages
    libpoppler0-qt and libpoppler-qt-dev.
  * Excluded DEB_CONFIGURE_SYSCONFDIR setting, which is obsolete by the
    upstream removal of xpdfrc config.

 -- Changwoo Ryu <cwryu@debian.org>  Wed,  4 May 2005 00:19:35 +0900

poppler (0.3.0-2) unstable; urgency=high

  * Added shlib version info for libpoppler0-glib.
  * Corrected dependencies of libpoppler0-glib and libpoppler-glib-dev. 
    (Closes: #306897)
  * Build-Depends on libgtk2.0-dev for -glib packages. (Closes: #306885)
  * Corrected descriptions of -glib packages.

 -- Changwoo Ryu <cwryu@debian.org>  Thu, 28 Apr 2005 02:41:25 +0900

poppler (0.3.0-1) unstable; urgency=low

  * New upstream release (Closes: #306573)
  * Added new binary packages libpoppler0-glib and libpoppler-glib-dev,
    which are GLib-based interfaces.  Qt interface build is termporarily 
    disabled, because of an upstream FTBFS.

 -- Changwoo Ryu <cwryu@debian.org>  Thu, 28 Apr 2005 02:07:23 +0900

poppler (0.1.2-1) unstable; urgency=low

  * Initial Release (Closes: #299518)

 -- Changwoo Ryu <cwryu@debian.org>  Tue, 15 Mar 2005 02:08:00 +0900
