From: Raspbian automatic forward porter Date: Thu, 5 Jun 2025 19:03:11 +0000 (+0100) Subject: Merge version 24.08.0-2+rpi1 and 25.03.0-4 to produce 25.03.0-4+rpi1 X-Git-Tag: archive/raspbian/25.03.0-4+rpi1^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=a9d029a77990e8067c95085d68333cebbb12a01a;p=poppler.git Merge version 24.08.0-2+rpi1 and 25.03.0-4 to produce 25.03.0-4+rpi1 --- a9d029a77990e8067c95085d68333cebbb12a01a diff --cc debian/changelog index 9efe926,6fa8f53..f368515 --- a/debian/changelog +++ b/debian/changelog @@@ -1,8 -1,102 +1,109 @@@ - poppler (24.08.0-2+rpi1) trixie-staging; urgency=medium ++poppler (25.03.0-4+rpi1) trixie-staging; urgency=medium + ++ [changes brought forward from 24.08.0-2+rpi1 by Peter Michael Green at Tue, 17 Sep 2024 22:18:17 +0000] + * Update symbols file for raspbian. + - -- Peter Michael Green Tue, 17 Sep 2024 22:18:17 +0000 ++ -- Raspbian forward porter Thu, 05 Jun 2025 19:03:10 +0000 ++ + poppler (25.03.0-4) unstable; urgency=high + + * Team upload + * SECURITY UPDATE: Properly verify abde.pkcs7.sha1 signatures + - Cherry-pick upstream fix for the + NSSSignatureVerification::validateSignature function + in NSSCryptoSignBackend.cc + - CVE-2025-43903 (Closes: #1103545) + + -- Jeremy Bícha Fri, 18 Apr 2025 18:16:32 -0400 + + poppler (25.03.0-3) unstable; urgency=high + + * Team upload + * SECURITY UPDATE: floating-point exception vulnerability (Closes: #1102190) + - Cherry-pick upstream fix for the PSStack::roll function + in Function.cc + - CVE-2025-32364 + * SECURITY UPDATE: out-of-bounds read vulnerability (Closes: #1102191) + - Cherry-pick upstream fix for the JBIG2Bitmap::combine function + in JBIG2Stream.cc (LP: #2106404) + - CVE-2025-32365 + + -- Jeremy Bícha Mon, 07 Apr 2025 11:11:10 -0400 + + poppler (25.03.0-2) unstable; urgency=medium + + * Team upload + * Release to Unstable (LP: #2100905) + + -- Jeremy Bícha Thu, 06 Mar 2025 07:13:50 -0500 + + poppler (25.03.0-1) experimental; urgency=medium + + * Team upload + * New upstream release + * Rename libpoppler145 to libpoppler147 to match soname bump + * Update symbols files + * Remove all patches: applied in new release + + -- Jeremy Bícha Tue, 04 Mar 2025 16:22:49 -0500 + + poppler (25.01.0-5) unstable; urgency=medium + + * Team upload + * Cherry-pick default signature colors fix for Papers (Closes: #1098406) + + -- Jeremy Bícha Thu, 27 Feb 2025 15:01:21 -0500 + + poppler (25.01.0-4) unstable; urgency=medium + + * Add patch to fix glib crash, needed by papers 48 + + -- Jeremy Bícha Thu, 06 Feb 2025 22:31:49 -0500 + + poppler (25.01.0-3) unstable; urgency=medium + + [ Helmut Grohne ] + * Fix FTCBFS: Disable gtkdoc in arch-only build (Closes: #1060865) + + -- Jeremy Bícha Mon, 03 Feb 2025 09:19:28 -0500 + + poppler (25.01.0-2) unstable; urgency=medium + + * Team upload + * Run wrap-and-sort + * Update gir Depends + * Remove obsolete Lintian overrides + * Release to unstable + + -- Jeremy Bícha Sun, 26 Jan 2025 13:53:06 -0500 + + poppler (25.01.0-1) experimental; urgency=medium + + * Team upload + * New upstream release + * Rename libpoppler and libpoppler-cpp packages for soname bump + * Update symbol files with new symbols + * Remove remaining patch: applied upstream + + -- Alessandro Astone Wed, 15 Jan 2025 12:29:05 +0100 + + poppler (24.08.0-4) unstable; urgency=high + + * Team upload + * SECURITY UPDATE: out-of-bounds read vulnerability (Closes: #1091322) + - Cherry-pick upstream fix for the JBIG2Bitmap::combine function + in JBIG2Stream.cc + - CVE-2024-56378 + * libpoppler-glib-dev: Add Provides: ${gir:Provides} + + -- Jeremy Bícha Sat, 04 Jan 2025 17:16:42 -0900 + + poppler (24.08.0-3) unstable; urgency=medium + + [ John Scott ] + * Enable the GnuPG/gpgsm PDF signature backend. + + -- Emilio Pozuelo Monfort Wed, 23 Oct 2024 09:35:17 +0200 poppler (24.08.0-2) unstable; urgency=medium