Add patch for security bug 162460
authorStefan Schweizer <genstef@gentoo.org>
Sat, 10 Feb 2007 20:31:55 +0000 (20:31 +0000)
committerStefan Schweizer <genstef@gentoo.org>
Sat, 10 Feb 2007 20:31:55 +0000 (20:31 +0000)
Package-Manager: portage-2.1.2-r7

app-text/poppler/ChangeLog
app-text/poppler/Manifest
app-text/poppler/files/004_CVE-2007-0104.patch [new file with mode: 0644]
app-text/poppler/files/digest-poppler-0.5.4-r1 [new file with mode: 0644]
app-text/poppler/poppler-0.5.4-r1.ebuild [new file with mode: 0644]

index 98baea63e5855d8fddacc22c59c55afe52c29899..06f60336411a152e9f88aa3c2ee63f9fdacdd762 100644 (file)
@@ -1,6 +1,12 @@
 # ChangeLog for app-text/poppler
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/poppler/ChangeLog,v 1.115 2007/01/18 22:41:37 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-text/poppler/ChangeLog,v 1.116 2007/02/10 20:31:55 genstef Exp $
+
+*poppler-0.5.4-r1 (10 Feb 2007)
+
+  10 Feb 2007; <genstef@gentoo.org> +files/004_CVE-2007-0104.patch,
+  +poppler-0.5.4-r1.ebuild:
+  Add patch for security bug 162460
 
   18 Jan 2007; Jeroen Roovers <jer@gentoo.org> poppler-0.5.4.ebuild:
   Stable for HPPA (bug #147751).
index d882e8a148cdad560d04469ec418af9ee02d5a2f..ee61667d03c9b42582b2bae43fb0c0afe08f0957 100644 (file)
@@ -1,17 +1,25 @@
+AUX 004_CVE-2007-0104.patch 2581 RMD160 d80464ee04cbbe88379a5c658fc78893515930ea SHA1 b5fd97fee1d364063aaa44d1d01a48906f47f547 SHA256 b29803552a7bebab86c5a93b77b2a1d6ceeace22929ed5050cbf98a91b14eb12
+MD5 be5c2646db5c46bc739ef12b0d7608a0 files/004_CVE-2007-0104.patch 2581
+RMD160 d80464ee04cbbe88379a5c658fc78893515930ea files/004_CVE-2007-0104.patch 2581
+SHA256 b29803552a7bebab86c5a93b77b2a1d6ceeace22929ed5050cbf98a91b14eb12 files/004_CVE-2007-0104.patch 2581
 DIST poppler-0.5.3.tar.gz 1049900 RMD160 3456de23955fc4001842c76d32deba308bd7f968 SHA1 e197f5cf56f0676b5ca313577dd6456a393c46ec SHA256 5cfabff39670610fa8f5c33da7b9b0ae89d445445be6d6c245cdce8bf3f24190
 DIST poppler-0.5.4.tar.gz 1062401 RMD160 f28c89b03388757067505df3c60a1d878626b0dd SHA1 edf4e4ff17ef86a7f60f097949ad7db53fa2c3b1 SHA256 ca0f880a4ff07391e99b443f0e7c9860241df6a6aaa327b9d811b358d94a29c9
 EBUILD poppler-0.5.3.ebuild 1338 RMD160 490692e99337cbc1c00c8847f491e526b8aeeea7 SHA1 ae7367c857d6d17c4435947d4bc5e232d7204237 SHA256 1b6c17fbc74834f65d7ec4d581bbd7d27acadc925a3886224f4b474465b90140
 MD5 5905ba7b5c7475f3155ce05820263469 poppler-0.5.3.ebuild 1338
 RMD160 490692e99337cbc1c00c8847f491e526b8aeeea7 poppler-0.5.3.ebuild 1338
 SHA256 1b6c17fbc74834f65d7ec4d581bbd7d27acadc925a3886224f4b474465b90140 poppler-0.5.3.ebuild 1338
+EBUILD poppler-0.5.4-r1.ebuild 1295 RMD160 6094a00e05a9c104602275042f96c39261757248 SHA1 96609bdaea492e62a29b776628535d871a78ba0d SHA256 466d8540cf8608ea441966cfce1624d509a029fc299baeb05423ec7fe9673022
+MD5 60aa33b2f3e8c1f89082159f90d0cb62 poppler-0.5.4-r1.ebuild 1295
+RMD160 6094a00e05a9c104602275042f96c39261757248 poppler-0.5.4-r1.ebuild 1295
+SHA256 466d8540cf8608ea441966cfce1624d509a029fc299baeb05423ec7fe9673022 poppler-0.5.4-r1.ebuild 1295
 EBUILD poppler-0.5.4.ebuild 1238 RMD160 97d88b3411a2645c67568d14819349d0a2b72663 SHA1 ffc7493635e965a5a1cba92f751ff8cdbb5c652b SHA256 11fac41e08ed1070039862449e21a6520cec5c9dee7d4defb9dc2ca9fd5a010c
 MD5 3f3dcd36cb0bbbeb8ccd58396de5d13d poppler-0.5.4.ebuild 1238
 RMD160 97d88b3411a2645c67568d14819349d0a2b72663 poppler-0.5.4.ebuild 1238
 SHA256 11fac41e08ed1070039862449e21a6520cec5c9dee7d4defb9dc2ca9fd5a010c poppler-0.5.4.ebuild 1238
-MISC ChangeLog 15631 RMD160 6181ac340b7ba4522ac7d1ea98b0738c7b84e0ff SHA1 4163fcd3a2cda66cf7c11c92d75931451e7586d7 SHA256 9caec46c719eb4d68518446be2129fa7beac6497404b6193481205db460121a4
-MD5 c8fecf822d796e2f9fd3b6a6374d85e6 ChangeLog 15631
-RMD160 6181ac340b7ba4522ac7d1ea98b0738c7b84e0ff ChangeLog 15631
-SHA256 9caec46c719eb4d68518446be2129fa7beac6497404b6193481205db460121a4 ChangeLog 15631
+MISC ChangeLog 15801 RMD160 2369b05888e102e1a1f77af3edc37f0b20fef738 SHA1 6cf9f5d7eab0a13f10d2baaf94481ceda6f6c8bc SHA256 97c3b2db28b39ae83ff11c45e2d17f0adfe419bb1d4eeb3fa00c17b620f3d1e7
+MD5 7faf8a9f9af2b0e0397c4b6f93c1a841 ChangeLog 15801
+RMD160 2369b05888e102e1a1f77af3edc37f0b20fef738 ChangeLog 15801
+SHA256 97c3b2db28b39ae83ff11c45e2d17f0adfe419bb1d4eeb3fa00c17b620f3d1e7 ChangeLog 15801
 MISC metadata.xml 161 RMD160 1e5b1e42553c8869b93c4a5448e9a2a2ed9fe525 SHA1 209c6a46e4cdd891980115e42ba419e3799f8088 SHA256 7c85e6739a71f5bb23e8de36c88677d772946e61f7285892f7554e37bd2bca76
 MD5 26b4b081d538c195dc39bcb2ec8e6f3a metadata.xml 161
 RMD160 1e5b1e42553c8869b93c4a5448e9a2a2ed9fe525 metadata.xml 161
@@ -22,3 +30,6 @@ SHA256 3465787c7cf301f676c9414533f5246317d1f36cde135a80d9996c4ff2d3ba3e files/di
 MD5 a1e0228078c7c35fece8606abf60e755 files/digest-poppler-0.5.4 244
 RMD160 fc23315deb3d8d4c5c66c228e721ca49d9b6bf59 files/digest-poppler-0.5.4 244
 SHA256 e98abc83422dd85e19f4a3bfccbaa25079f6a78c1f326f7a0f2fbec61cb9bb3d files/digest-poppler-0.5.4 244
+MD5 a1e0228078c7c35fece8606abf60e755 files/digest-poppler-0.5.4-r1 244
+RMD160 fc23315deb3d8d4c5c66c228e721ca49d9b6bf59 files/digest-poppler-0.5.4-r1 244
+SHA256 e98abc83422dd85e19f4a3bfccbaa25079f6a78c1f326f7a0f2fbec61cb9bb3d files/digest-poppler-0.5.4-r1 244
diff --git a/app-text/poppler/files/004_CVE-2007-0104.patch b/app-text/poppler/files/004_CVE-2007-0104.patch
new file mode 100644 (file)
index 0000000..1019b4f
--- /dev/null
@@ -0,0 +1,63 @@
+diff -Nur poppler-0.5.4/poppler/Catalog.cc poppler-0.5.4.new/poppler/Catalog.cc
+--- poppler-0.5.4/poppler/Catalog.cc   2006-09-13 17:10:52.000000000 +0200
++++ poppler-0.5.4.new/poppler/Catalog.cc       2007-01-16 17:57:43.000000000 +0100
+@@ -26,6 +26,12 @@
+ #include "UGooString.h"
+ #include "Catalog.h"
++// This define is used to limit the depth of recursive readPageTree calls
++// This is needed because the page tree nodes can reference their parents
++// leaving us in an infinite loop
++// Most sane pdf documents don't have a call depth higher than 10
++#define MAX_CALL_DEPTH 1000
++
+ //------------------------------------------------------------------------
+ // Catalog
+ //------------------------------------------------------------------------
+@@ -75,7 +81,7 @@
+     pageRefs[i].num = -1;
+     pageRefs[i].gen = -1;
+   }
+-  numPages = readPageTree(pagesDict.getDict(), NULL, 0);
++  numPages = readPageTree(pagesDict.getDict(), NULL, 0, 0);
+   if (numPages != numPages0) {
+     error(-1, "Page count in top-level pages object is incorrect");
+   }
+@@ -217,7 +223,7 @@
+   return s;
+ }
+-int Catalog::readPageTree(Dict *pagesDict, PageAttrs *attrs, int start) {
++int Catalog::readPageTree(Dict *pagesDict, PageAttrs *attrs, int start, int callDepth) {
+   Object kids;
+   Object kid;
+   Object kidRef;
+@@ -262,9 +268,13 @@
+     // This should really be isDict("Pages"), but I've seen at least one
+     // PDF file where the /Type entry is missing.
+     } else if (kid.isDict()) {
+-      if ((start = readPageTree(kid.getDict(), attrs1, start))
+-        < 0)
+-      goto err2;
++      if (callDepth > MAX_CALL_DEPTH) {
++        error(-1, "Limit of %d recursive calls reached while reading the page tree. If your document is correct and not a test to try to force a crash, please report a bug.", MAX_CALL_DEPTH);
++      } else {
++        if ((start = readPageTree(kid.getDict(), attrs1, start, callDepth + 1))
++          < 0)
++        goto err2;
++      }
+     } else {
+       error(-1, "Kid object (page %d) is wrong type (%s)",
+           start+1, kid.getTypeName());
+diff -Nur poppler-0.5.4/poppler/Catalog.h poppler-0.5.4.new/poppler/Catalog.h
+--- poppler-0.5.4/poppler/Catalog.h    2006-01-23 15:43:36.000000000 +0100
++++ poppler-0.5.4.new/poppler/Catalog.h        2007-01-16 17:58:09.000000000 +0100
+@@ -193,7 +193,7 @@
+   PageMode pageMode;          // page mode
+   PageLayout pageLayout;      // page layout
+-  int readPageTree(Dict *pages, PageAttrs *attrs, int start);
++  int readPageTree(Dict *pages, PageAttrs *attrs, int start, int callDepth);
+   Object *findDestInTree(Object *tree, GooString *name, Object *obj);
+ };
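Review bot: When `callDepth > MAX_CALL_DEPTH` the new branch in readPageTree only calls `error()` and then carries on with the remaining kids, so the limit caps recursion depth but not the total number of nodes visited in a cyclic page tree. Treating the limit as a failure would stop the walk: add `goto err2;` after the `error(...)` call, as the existing `< 0` path does. The comment above the define says sane documents rarely exceed a depth of 10, so a cap well below 1000 would also keep stack use small, and recording the object numbers of visited `kidRef` entries would reject cycles directly. The rest of readPageTree and the `err2` label are outside the hunk, so the cleanup done there should be confirmed before relying on it.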
diff --git a/app-text/poppler/files/digest-poppler-0.5.4-r1 b/app-text/poppler/files/digest-poppler-0.5.4-r1
new file mode 100644 (file)
index 0000000..3cf1476
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 053fdfd70533ecce1a06353fa945f061 poppler-0.5.4.tar.gz 1062401
+RMD160 f28c89b03388757067505df3c60a1d878626b0dd poppler-0.5.4.tar.gz 1062401
+SHA256 ca0f880a4ff07391e99b443f0e7c9860241df6a6aaa327b9d811b358d94a29c9 poppler-0.5.4.tar.gz 1062401
diff --git a/app-text/poppler/poppler-0.5.4-r1.ebuild b/app-text/poppler/poppler-0.5.4-r1.ebuild
new file mode 100644 (file)
index 0000000..f6970c9
--- /dev/null
@@ -0,0 +1,49 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/poppler/poppler-0.5.4-r1.ebuild,v 1.1 2007/02/10 20:31:55 genstef Exp $
+
+inherit libtool eutils
+
+DESCRIPTION="PDF rendering library based on the xpdf-3.0 code base"
+HOMEPAGE="http://poppler.freedesktop.org/"
+SRC_URI="http://poppler.freedesktop.org/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd"
+IUSE="cjk jpeg zlib"
+
+RDEPEND=">=media-libs/freetype-2.1.8
+       media-libs/fontconfig
+       cjk? ( app-text/poppler-data )
+       jpeg? ( >=media-libs/jpeg-6b )
+       !app-text/pdftohtml"
+DEPEND="${RDEPEND}
+       dev-util/pkgconfig"
+
+src_unpack() {
+       unpack ${A}
+       cd "${S}"
+       epatch ${FILESDIR}/004_CVE-2007-0104.patch
+       elibtoolize
+}
+
+src_compile() {
+       econf \
+               --disable-poppler-qt4 \
+               --disable-poppler-glib \
+               --disable-poppler-qt \
+               --disable-gtk-test \
+               --enable-opi \
+               --disable-cairo-output \
+               --enable-xpdf-headers \
+               $(use_enable jpeg libjpeg) \
+               $(use_enable zlib) \
+               || die "configuration failed"
+       emake || die "compilation failed"
+}
+
+src_install() {
+       emake DESTDIR="${D}" install || die "make install failed"
+       dodoc README AUTHORS ChangeLog NEWS README-XPDF TODO pdf2xml.dtd
+}
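Review bot: In src_unpack, `${FILESDIR}` is unquoted and the result of `cd "${S}"` is not checked, so a path containing whitespace would be split and a failed directory change would presumably leave epatch running in the wrong directory. I would write `cd "${S}" || die "cd failed"` and `epatch "${FILESDIR}"/004_CVE-2007-0104.patch`. A short comment above the epatch line, e.g. `# CVE-2007-0104: limit page tree recursion depth (bug 162460)`, would tell a later maintainer why the patch is there and when it can be dropped.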