-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 Dec 2017 07:34:06 +0100
Source: poppler
Binary: libpoppler46 libpoppler-dev libpoppler-private-dev libpoppler-glib8 libpoppler-glib-dev libpoppler-glib-doc gir1.2-poppler-0.18 libpoppler-qt4-4 libpoppler-qt4-dev libpoppler-qt5-1 libpoppler-qt5-dev libpoppler-cpp0 libpoppler-cpp-dev poppler-utils poppler-dbg
Architecture: source amd64 all
Version: 0.26.5-2+deb8u2
Distribution: jessie-security
Urgency: medium
Maintainer: Loic Minier <lool@dooz.org>
Changed-By: Santiago R.R. <santiagorr@riseup.net>
Description:
 gir1.2-poppler-0.18 - GObject introspection data for poppler-glib
 libpoppler-cpp-dev - PDF rendering library -- development files (CPP interface)
 libpoppler-cpp0 - PDF rendering library (CPP shared library)
 libpoppler-dev - PDF rendering library -- development files
 libpoppler-glib-dev - PDF rendering library -- development files (GLib interface)
 libpoppler-glib-doc - PDF rendering library -- documentation for the GLib interface
 libpoppler-glib8 - PDF rendering library (GLib-based shared library)
 libpoppler-private-dev - PDF rendering library -- private development files
 libpoppler-qt4-4 - PDF rendering library (Qt 4 based shared library)
 libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface)
 libpoppler-qt5-1 - PDF rendering library (Qt 5 based shared library)
 libpoppler-qt5-dev - PDF rendering library -- development files (Qt 5 interface)
 libpoppler46 - PDF rendering library
 poppler-dbg - PDF rendering library -- debugging symbols
 poppler-utils - PDF utilities (based on Poppler)
Changes:
 poppler (0.26.5-2+deb8u2) jessie-security; urgency=medium
 .
   * Fix CVE-2017-9406: a memory leak vulnerability was found in the function
     gmalloc in gmem.cc, which allows attackers to cause a denial of service
     via a crafted file.
   * Fix CVE-2017-9408: memory leak in the function Object::initArray in
     Object.cc that allows attackers to cause a DoS via a crafted file.
   * Fix CVE-2017-9775: Stack buffer overflow in GfxState.cc in pdftocairo that
     allows remote attackers to cause a denial of service (application crash)
     via a crafted PDF document.
   * Fix CVE-2017-9776: Integer overflow leading to Heap buffer overflow in
     JBIG2Stream.cc in pdftocairo allows remote attackers to cause a denial of
     service (application crash) or possibly have unspecified other impact via a
     crafted PDF document.
   * Fix CVE-2017-9865: The function GfxImageColorMap::getGray in GfxState.cc
     allows remote attackers to cause a denial of service (stack-based buffer
     over-read and application crash) via a crafted PDF document
   * Fix CVE-2017-14517: NULL pointer dereference vulnerability in the
     XRef::parseEntry() function in XRef.cc
   * Fix CVE-2017-14518: Floating point exception in the
     isImageInterpolationRequired() function in Splash.cc
   * Fix CVE-2017-14519: A memory corruption may occur in a call to
     Object::streamGetChar
   * Fix CVE-2017-14520: Floating point exception in Splash::scaleImageYuXd()
   * Fix CVE-2017-14617: Floating point exception in the ImageStream class in
     Stream.cc
   * Fix CVE-2017-14975: NULL pointer dereference vulnerability in the
     FoFiType1C::convertToType0 function in FoFiType1C.cc
   * Fix CVE-2017-14976: Heap-based buffer over-read vulnerability in the
     FoFiType1C::convertToType0 function in FoFiType1C.cc
   * Fix CVE-2017-14977: NULL pointer dereference vulnerability in the
     FoFiTrueType::getCFFBlock function in FoFiTrueType.cc
   * Fix CVE-2017-15565: NULL Pointer Dereference in the
     GfxImageColorMap::getGrayLine() function in GfxState.cc
Checksums-Sha1:
 be3e9a46f381d4d1d051f176dbdb9b71009f25a8 3302 poppler_0.26.5-2+deb8u2.dsc
 7b9c338734f6c98adcced62625817a382e8d22d7 37688 poppler_0.26.5-2+deb8u2.debian.tar.xz
 f9127e30e6d21be24a2db0589829b17838396809 1211322 libpoppler46_0.26.5-2+deb8u2_amd64.deb
 7e201c3b3eaa6b2a5e133bf89c31d8b9b59a4c06 766080 libpoppler-dev_0.26.5-2+deb8u2_amd64.deb
 783c0abd6c50db4a818743fbc73f379e6693131b 179572 libpoppler-private-dev_0.26.5-2+deb8u2_amd64.deb
 02ca60a69364bdf7a8926d1850716ba258a57baf 121706 libpoppler-glib8_0.26.5-2+deb8u2_amd64.deb
 c95c706e96b6df0bfa7fa0ba12897ef4024e6402 162006 libpoppler-glib-dev_0.26.5-2+deb8u2_amd64.deb
 6ac2ff27735b995cbb9c32c4cf1d55aaa3dccc04 85460 libpoppler-glib-doc_0.26.5-2+deb8u2_all.deb
 ce51dd987aff7aa1bfe54e16e8495cd74435cc0e 33572 gir1.2-poppler-0.18_0.26.5-2+deb8u2_amd64.deb
 ed4254cc94c0212e4d5ad4100796cbd504db8d97 126640 libpoppler-qt4-4_0.26.5-2+deb8u2_amd64.deb
 22c546737e72cbe3550f9a0ffc1bc618eb956e3c 157778 libpoppler-qt4-dev_0.26.5-2+deb8u2_amd64.deb
 b448933125fdaf625011ebf213d821e4c382b2b2 131338 libpoppler-qt5-1_0.26.5-2+deb8u2_amd64.deb
 b6eaf7117dc4075415ac198800b433dba06fe98f 164918 libpoppler-qt5-dev_0.26.5-2+deb8u2_amd64.deb
 69a9b7789eac92c9a963fce86253a0fa53a8590f 44050 libpoppler-cpp0_0.26.5-2+deb8u2_amd64.deb
 e098ca7e9971be5f5ebcea3349c201458c755361 48570 libpoppler-cpp-dev_0.26.5-2+deb8u2_amd64.deb
 e85cf39ec07279741569543fe6d4ba8f56b54523 140340 poppler-utils_0.26.5-2+deb8u2_amd64.deb
 3de2a10fd783135e3dac2907cd0263af3c2f8d01 7683558 poppler-dbg_0.26.5-2+deb8u2_amd64.deb
Checksums-Sha256:
 31d36174e01ae2ac977886ee596720a0172c8fbee89adb8f7e25210b6e1af5c4 3302 poppler_0.26.5-2+deb8u2.dsc
 ebfbe4ae7c234d748aacfff5054f0c53b4130dd8cf97742dda10b4814e96960c 37688 poppler_0.26.5-2+deb8u2.debian.tar.xz
 94463745121736f1cbc0fce9f831ea31fdce0e5f151451384ea77531233ae56b 1211322 libpoppler46_0.26.5-2+deb8u2_amd64.deb
 bce934d1accb089bc9cb812fb902aa131cfdbc31a0bdff9c9a36402c2ff2d99e 766080 libpoppler-dev_0.26.5-2+deb8u2_amd64.deb
 70ed1d3317a4c8ac58b400006d607ec5c1d75a19b2850e82869dca4c92b24389 179572 libpoppler-private-dev_0.26.5-2+deb8u2_amd64.deb
 9e2635ed654837294b3b6099060efb5f7ee0b2f74369c2cfbe28563f5e504cf2 121706 libpoppler-glib8_0.26.5-2+deb8u2_amd64.deb
 62ad095de284bfb1b9e8477df080a4f1ddb1fb146638c8585aeee72d043e14fc 162006 libpoppler-glib-dev_0.26.5-2+deb8u2_amd64.deb
 9e53523ef4760bd1e025e8a76eef48fa46effcb2368547c11d1e1f21844bcd67 85460 libpoppler-glib-doc_0.26.5-2+deb8u2_all.deb
 179a0bb731c5abb55a049fb9731136784e6025182cd73853da3d28aad9062be4 33572 gir1.2-poppler-0.18_0.26.5-2+deb8u2_amd64.deb
 64f446cc8168344d331037ad1b873a689944da60fba944cdfceaa8f3d047c0f5 126640 libpoppler-qt4-4_0.26.5-2+deb8u2_amd64.deb
 d8c2ddb5e782fabd431bfb87e09bb575f58536b81c68de21a10add35c482d260 157778 libpoppler-qt4-dev_0.26.5-2+deb8u2_amd64.deb
 05daa36fde7db572b767d937677d00950d05c8dd4f1fe56b40ed4c9ff9b0feeb 131338 libpoppler-qt5-1_0.26.5-2+deb8u2_amd64.deb
 57111144386518e5b1e3045841947c320f5d22003a9bc30c031bfc65700e3f8d 164918 libpoppler-qt5-dev_0.26.5-2+deb8u2_amd64.deb
 be040db29493f9d5f035246d9aea92985809a3518b9d5ab48accf1bde1633939 44050 libpoppler-cpp0_0.26.5-2+deb8u2_amd64.deb
 4f799471186729c1f5c586e0c732c260a3bd5708a1c7f979a1b7bb011aa2f452 48570 libpoppler-cpp-dev_0.26.5-2+deb8u2_amd64.deb
 271f5561b5adee179397f8534e67f8fecd9ee660ab9d4fa33aa7f7ab34804369 140340 poppler-utils_0.26.5-2+deb8u2_amd64.deb
 8b6f26d70617a030ed00f9a59ee08d584d39a4f1fc325c5cacab4f243b56c1ef 7683558 poppler-dbg_0.26.5-2+deb8u2_amd64.deb
Files:
 70cce25e01aacdf12baccc89e8728fb2 3302 devel optional poppler_0.26.5-2+deb8u2.dsc
 a7ab0709211aa05e022e70531041f769 37688 devel optional poppler_0.26.5-2+deb8u2.debian.tar.xz
 f19dd4d200598111f224bfe0ac61ee56 1211322 libs optional libpoppler46_0.26.5-2+deb8u2_amd64.deb
 b3425769b86579af58fddd6cbed6346e 766080 libdevel optional libpoppler-dev_0.26.5-2+deb8u2_amd64.deb
 0ce5b82324a4746302e124bbaeed91bc 179572 libdevel optional libpoppler-private-dev_0.26.5-2+deb8u2_amd64.deb
 afebc792c291d0394d7515671fd1c9b0 121706 libs optional libpoppler-glib8_0.26.5-2+deb8u2_amd64.deb
 82a31f33b3a6adf5bf0791360eb625ba 162006 libdevel optional libpoppler-glib-dev_0.26.5-2+deb8u2_amd64.deb
 23ca740b509406b5e325be03910f03b3 85460 doc optional libpoppler-glib-doc_0.26.5-2+deb8u2_all.deb
 ed20178dcf2c6dde69773e67b179606d 33572 introspection optional gir1.2-poppler-0.18_0.26.5-2+deb8u2_amd64.deb
 554cef42ec0de0d4e76cc7e03f86c9fa 126640 libs optional libpoppler-qt4-4_0.26.5-2+deb8u2_amd64.deb
 69e063f456af38cde43b320a805944c5 157778 libdevel optional libpoppler-qt4-dev_0.26.5-2+deb8u2_amd64.deb
 220212df6ff2a98c71770410079ce8f6 131338 libs optional libpoppler-qt5-1_0.26.5-2+deb8u2_amd64.deb
 12d038fc6ef340acfcc3afd4c929ff2f 164918 libdevel optional libpoppler-qt5-dev_0.26.5-2+deb8u2_amd64.deb
 25104f7e8157fb60f9227bd366fad4f3 44050 libs optional libpoppler-cpp0_0.26.5-2+deb8u2_amd64.deb
 6e6ce8f1889d1b714eeccb196b48f5a7 48570 libdevel optional libpoppler-cpp-dev_0.26.5-2+deb8u2_amd64.deb
 cf8b087e37dd6abf0cc971cf3df6d43d 140340 utils optional poppler-utils_0.26.5-2+deb8u2_amd64.deb
 a660e6feead14bd05f59c8d2fa3f0208 7683558 debug extra poppler-dbg_0.26.5-2+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwUqnBPVvaa0NAVzHFX/a4RXx4q0FAlpJHFMACgkQFX/a4RXx
4q3QDg/9H9CpeUqrUYP1g+BmHpaKoajZF2A6gF1KqEIAOqi95wsoYeroMrEcUhBR
umJn36PKV7xcXWchuOD1od00u2Q08YqXjSAbIs/Nwnj0bhaDElKIxL+qNfy4J2IC
Vhuo2oSG8ktGR1TlxwFyvfi7iK6bTcXv2gzv4vzIstIeLxPTR3zsjUjFMDoSRIhP
LbAJCIDBg4jkvrYV6DOp0PDZEeaSbfYKH6Kj2QxiaDeJO7SPj9uz06yLSpK7gxKq
48DN6j6SWmksctqAdvYDdxzQoSPmcP0zoUBxE+Z5EqykZlmIO/j1PUR9ZWJx/wL4
DbXPrpT7XOrXITCtmEXkhXEb4/oeHPniSJ6oUAZLaZW1UD2Vyc7+Q77AGStQmBd6
wEvAS7GBgYt2TlNZYAeCTRxUeimmtibaLeuFGwTotpa1lMOa8QRCAQT9qqXDC0w3
2Ojcpz+Fh2mcG6lbJwrr6Dhm2g6A/4tzoZAOcxwUIZYxrchZpVTAWZboDzOeUm3n
wN/7cvAxRPFYAqM6/KvOzjzkxVdlH3OxPbSN97L+JeLvprp6uzA6DjKbWDiIltGx
LDcEFxUhh4vjdn42GU4wJB6+6KpKtgHZI1APlOrWhF3dg/4Hs8N7m381OBUqJfZH
DnnBe0nBaDI572tt+D0U6Q919rzoBmLk0ZNd939k34eLctQfmeY=
=sCHc
-----END PGP SIGNATURE-----