Package xpdf: Information

    Source package: xpdf
    Version: 4.05-alt1
    Latest version according to Repology
    Build time:  May 4, 2024, 11:46 AM in the task #347491
    Category: Office
    Report package bug
    Gear: https://git.altlinux.org/gears/x/xpdf.git?a=tree;hb=cfcea9a368fd…
    Home page: https://www.xpdfreader.com
    License: GPLv2 or GPLv3
    Summary: The PDF viewer and tools
    Description: 
    The Xpdf open source project includes a PDF viewer along with a
collection of command line tools which perform various functions on
PDF files.
    List of rpms provided by this srpm:
    xpdf (x86_64, ppc64le, i586, aarch64)
    xpdf-common (noarch)
    xpdf-desktop (noarch)
    xpdf-i18n (noarch)
    xpdf-utils (x86_64, ppc64le, i586, aarch64)
    xpdf-utils-debuginfo (x86_64, ppc64le, i586, aarch64)
    xpdf-viewer (x86_64, ppc64le, i586, aarch64)
    xpdf-viewer-debuginfo (x86_64, ppc64le, i586, aarch64)
    Maintainer: Andrew Savchenko
    List of contributors:
    Andrew Savchenko
    Arseny Maslennikov
    Gleb Fotengauer-Malinovskiy
    Eugeny A. Rostovtsev
    Victor Forsyuk
    Stanislav Ievlev
    Dmitry V. Levin
    aen
    ACL:
    Andrew Savchenko
    @everybody
      1. cmake
      2. qt6-base-devel
      3. rpm-macros-cmake
      4. desktop-file-utils
      5. fontconfig-devel
      6. gcc-c++
      7. libcups-devel
      8. libfreetype-devel
      9. zlib-devel
      10. libpaper-devel
      11. libpng-devel
      12. librsvg-utils

    Last changed

    May 4, 2024 Andrew Savchenko 4.05-alt1
    - Update xpdf to version 4.05
- Migrate to Qt6
- Update Chinese simplifiend and Korean language files to version 2023-dec-05
- Fix type1 urw fonts path (ALT bug 48335)
- Fixes:
  - CVE-2018-7453 PDF object loop in AcroForm::scanField
  - CVE-2018-16369 PDF object loop in AcroForm::scanField
  - CVE-2019-9587 PDF object loop in Catalog::countPageTree
  - CVE-2019-9588 PDF object loop in Catalog::countPageTree
  - CVE-2019-16088 PDF object loop in Catalog::countPageTree
  - CVE-2022-30524 logic bug in text extractor led to invalid memory access
  - CVE-2022-30775 integer overflow in rasterizer
  - CVE-2022-33108 PDF object loop in Catalog::countPageTree
  - CVE-2022-36561 PDF object loop in AcroForm::scanField
  - CVE-2022-38222 logic bug in JBIG2 decoder
  - CVE-2022-38334 PDF object loop in Catalog::countPageTree
  - CVE-2022-38928 missing bounds check in CFF font converter caused null pointer dereference
  - CVE-2022-41842 PDF object loop in Catalog::countPageTree
  - CVE-2022-41843 missing bounds check in CFF font parser caused invalid memory access
  - CVE-2022-41844 PDF object loop in AcroForm::scanField
  - CVE-2022-43071 PDF object loop in Catalog::readPageLabelTree2
  - CVE-2022-43295 PDF object loop in Catalog::countPageTree
  - CVE-2022-45586 PDF object loop in Catalog::countPageTree
  - CVE-2022-45587 PDF object loop in Catalog::countPageTree
  - CVE-2023-2662 Divide-by-zero in Xpdf 4.04 due to bad color space object
  - CVE-2023-2663 PDF object loop in Catalog::readPageLabelTree2
  - CVE-2023-2664 PDF object loop in Catalog::readEmbeddedFileTree
  - CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size
  - CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references
    May 15, 2022 Andrew Savchenko 4.04-alt1
    - Version bump
- Many bugfixes, including security, including:
  Fixes: CVE-2022-24106, CVE-2022-27135
    May 31, 2021 Arseny Maslennikov 4.03-alt1.1
    - NMU: spec: adapted to new cmake macros.
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top