Package xpdf: Information

  • Default inline alert: Version in the repository: 4.04-alt1

Source package: xpdf
Version: 4.05-alt1
Build time:  May 4, 2024, 11:50 AM
Category: Office
Report package bug
Home page: https://www.xpdfreader.com
License: GPLv2 or GPLv3
Summary: The PDF viewer and tools
Description: 
The Xpdf open source project includes a PDF viewer along with a
collection of command line tools which perform various functions on
PDF files.
List of rpms provided by this srpm:
xpdf (x86_64, ppc64le, i586, armh, aarch64)
xpdf-common (noarch)
xpdf-desktop (noarch)
xpdf-i18n (noarch)
xpdf-utils (x86_64, ppc64le, i586, armh, aarch64)
xpdf-utils-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
xpdf-viewer (x86_64, ppc64le, i586, armh, aarch64)
xpdf-viewer-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrew Savchenko
List of contributors:
Andrew Savchenko
Arseny Maslennikov
Gleb Fotengauer-Malinovskiy
Eugeny A. Rostovtsev
Victor Forsyuk
Stanislav Ievlev
Dmitry V. Levin
aen
    1. desktop-file-utils
    2. fontconfig-devel
    3. librsvg-utils
    4. gcc-c++
    5. cmake
    6. qt6-base-devel
    7. rpm-macros-cmake
    8. libcups-devel
    9. libfreetype-devel
    10. libpaper-devel
    11. zlib-devel
    12. libpng-devel

Last changed

May 4, 2024 Andrew Savchenko 4.05-alt1
- Update xpdf to version 4.05
- Migrate to Qt6
- Update Chinese simplifiend and Korean language files to version 2023-dec-05
- Fix type1 urw fonts path (ALT bug 48335)
- Fixes:
  - CVE-2018-7453 PDF object loop in AcroForm::scanField
  - CVE-2018-16369 PDF object loop in AcroForm::scanField
  - CVE-2019-9587 PDF object loop in Catalog::countPageTree
  - CVE-2019-9588 PDF object loop in Catalog::countPageTree
  - CVE-2019-16088 PDF object loop in Catalog::countPageTree
  - CVE-2022-30524 logic bug in text extractor led to invalid memory access
  - CVE-2022-30775 integer overflow in rasterizer
  - CVE-2022-33108 PDF object loop in Catalog::countPageTree
  - CVE-2022-36561 PDF object loop in AcroForm::scanField
  - CVE-2022-38222 logic bug in JBIG2 decoder
  - CVE-2022-38334 PDF object loop in Catalog::countPageTree
  - CVE-2022-38928 missing bounds check in CFF font converter caused null pointer dereference
  - CVE-2022-41842 PDF object loop in Catalog::countPageTree
  - CVE-2022-41843 missing bounds check in CFF font parser caused invalid memory access
  - CVE-2022-41844 PDF object loop in AcroForm::scanField
  - CVE-2022-43071 PDF object loop in Catalog::readPageLabelTree2
  - CVE-2022-43295 PDF object loop in Catalog::countPageTree
  - CVE-2022-45586 PDF object loop in Catalog::countPageTree
  - CVE-2022-45587 PDF object loop in Catalog::countPageTree
  - CVE-2023-2662 Divide-by-zero in Xpdf 4.04 due to bad color space object
  - CVE-2023-2663 PDF object loop in Catalog::readPageLabelTree2
  - CVE-2023-2664 PDF object loop in Catalog::readEmbeddedFileTree
  - CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size
  - CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references
May 15, 2022 Andrew Savchenko 4.04-alt1
- Version bump
- Many bugfixes, including security, including:
  Fixes: CVE-2022-24106, CVE-2022-27135
May 31, 2021 Arseny Maslennikov 4.03-alt1.1
- NMU: spec: adapted to new cmake macros.
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top