deanna
7d59c0e898
Simplify anti-DRM patches. Catches a new DRM check that slipped in
...
from upstream.
Diff from brad@, inspired by Floor on ports@
ok brad@, bernd@, pvalchev@, and a special "Kill the DRM! DIE DIE
DIE!!!!!!!!" from todd@
2008-04-25 19:19:05 +00:00
bernd
972e5a3c90
Security fix for CVE-2008-1693. From Debian.
...
ok naddy@
2008-04-19 07:38:24 +00:00
landry
cca632a485
Finally, fix make install (spotted by markus lude at gmx.de)
...
fix from sthen@
ok sthen@ steven@
2008-02-14 08:52:35 +00:00
landry
fda5721896
Finally, make xpdf MULTI_PACKAGES, xpdf -main package provides x-depending
...
parts of xpdf, and xpdf -utils provides non-x-depending parts (replacing the
no_x11 flavor). Appropriate @conflict marker makes upgrade flawless.
While here, remove dependency on a specific version of auto* (prompted by naddy@)
(and remember me to never _ever_ touch xpdf again)
Change requested by naddy@ espie@
ok sthen@ naddy@
2008-02-13 16:18:33 +00:00
landry
4a655e71a5
Add a no_x11 FLAVOR, based on an initial submission by Jeremy Evans
...
Discussed with many on ports@
ok brad@
2008-02-10 20:25:13 +00:00
bernd
aee4790913
Update to xpdf-3.02pl2 which contains security fixes for CVE-2007-4352,
...
CVE-2007-5392 and CVE-2007-5393.
More info:
http://secunia.com/secunia_research/2007-88/advisory/
testing & ok simon@, jasper@
2007-11-09 07:15:12 +00:00
naddy
ad83bdd8a8
fix ASCII85 encoding on LP64 archs
2007-08-25 14:42:37 +00:00
naddy
981e5b9829
SECURITY fix for CVE-2007-3387.
...
Also remove former maintainer at his request.
ok kili@
2007-07-31 21:22:16 +00:00
espie
d4ebcd974d
more base64 checksums
2007-04-05 17:26:05 +00:00
ckuethe
454f465537
Forgot to cvs rm this one too. Pointed out by marco
2007-03-30 04:32:13 +00:00
ckuethe
3b5bcac916
Update to xpdf 3.0.2, from Stuart Henderson and Brad Smith
...
Includes some security fixes
ok pvalchev, todd
2007-03-30 04:09:42 +00:00
espie
49a9142c53
new lib specs
2006-08-03 23:55:10 +00:00
bernd
5cef0e1aee
Fix heap based buffer overflow.
...
From KDE. http://www.kde.org/info/security/advisory-20060202-1.txt
ok brad@
2006-02-05 09:59:00 +00:00
bernd
73df9cb65e
Fix several security bugs in the xpdf code.
...
o iDefense advisories from 2005-12-05
o CAN-2005-3191, CAN-2005-3192, CAN-2005-3193
- JPX Stream Reader Heap Overflow Vulnerability
- DCTStream Baseline Heap Overflow Vulnerability
- DCTStream Progressive Heap Overflow
- StreamPredictor Heap Overflow Vulnerability
Patch provided by xpdf developers.
2005-12-07 09:22:14 +00:00
brad
f78eac374a
upgrade to xpdf 3.01
...
Most of the update is from Bernd Ahlers <bernd at ba-net dot org>
2005-09-09 17:34:53 +00:00
sturm
0d88196840
bump PKGNAME so that 3.7 won't have higher PKGNAMEs than 3.8
...
suggested by espie@, ok pval@
2005-08-31 19:55:36 +00:00
naddy
9c8738ab34
Fix denial of service vulnerability.
...
Check sanity of the TrueType "loca" table. Specially crafted broken
tables caused disk space exhaustion due to very large generated glyph
descriptions when attempting to fix the table. CAN-2005-2097.
from Ubuntu Linux; ok brad@
2005-08-11 14:18:47 +00:00
naddy
5fde06cb73
sync patches
2005-08-10 20:27:25 +00:00
naddy
fe99af154b
SECURITY:
...
Fix a buffer overflow due to insufficient bounds checking while
processing a PDF file that provides malicious values in the /Encrypt
/Length tag.
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities&flashstatus=false
ok robert@
2005-01-19 16:23:16 +00:00
naddy
ae76d3ea1f
SIZE
2005-01-05 17:21:50 +00:00
robert
1186293490
SECURITY:
...
fix a buffer overflow vulnerability; bump PKGNAME; use autoconf-2.59
ok MAINTAINER (brad@)
2004-12-22 17:36:24 +00:00
alek
23b926dc64
Add WANTLIB markers
2004-12-07 00:23:20 +00:00
naddy
398c2b8469
Remove workaround for GNU m4 incompatibility, which has been fixed in our m4.
2004-11-08 16:34:52 +00:00
naddy
1a313ddeea
freetype fixes, adapted from FreeBSD; ok brad@
2004-11-06 18:19:53 +00:00
brad
31ca292e2d
Chris Evans discovered numerous vulnerabilities in the xpdf package:
...
Multiple integer overflow issues affecting xpdf.
These can result in writing an arbitrary byte to an attacker controlled
location which probably could lead to arbitrary code execution.
CAN-2004-0888
Multiple integer overflow issues.
These can result in DoS or possibly arbitrary code execution.
CAN-2004-0889
Chris also discovered issues with infinite loop logic error.
2004-10-23 02:24:36 +00:00
espie
d1fa125d45
new plists
2004-09-15 18:39:31 +00:00
naddy
51b4d86024
drop obsolete lib requirement
2004-07-30 01:19:28 +00:00
brad
370fbe9082
install sample xpdfrc file and fix lpr usage. From: sturm@
2004-04-06 02:35:44 +00:00
brad
8127d75ffc
FreeType2 authors are brain dead. Workaround really stupid change
...
with FreeType2 that comes with XF 4.4.
2004-02-14 21:06:54 +00:00
brad
d08dcf874d
now that there is a separate fonts package for ghostscript
...
use that instead.
2004-01-31 18:06:38 +00:00
brad
722abda26f
better
2004-01-25 09:44:20 +00:00
brad
dba7e02584
- remove bogus --with-gzip in CONFIGURE_ARGS
...
- add RUN_DEPENDS on GNU ghostscript for the fonts
2004-01-25 09:37:39 +00:00
brad
54cbe89b39
upgrade to xpdf 3.00
...
"shitloads better rendering" - jose@
2004-01-25 06:02:40 +00:00
naddy
112339c1d4
remove WWW lines
2003-12-15 21:54:59 +00:00
brad
774e18ab50
remove DRM bullshit.
...
--
From: cloder@
2003-10-24 19:31:57 +00:00
brad
92fc00317d
upgrade to xpdf 2.02pl1
...
fixes a flaw where an attacker can embed malicious hyperlinks that if
activated can execute arbitrary shell commands.
http://marc.theaimsgroup.com/?l=full-disclosure&m=105555332025253&w=2
2003-06-19 12:00:47 +00:00
brad
2d8ff25d82
upgrade to xpdf 2.02
...
--
From: naddy@
2003-05-20 00:37:10 +00:00
sturm
93a38c63c4
update to xpdf 2.01
...
- switch to motif toolkit
- support for multiple open documents
- lots of minor tweaks, bugfixes and additions, see
http://www.foolabs.com/xpdf/CHANGES for details
MAINTAINER ok
2003-02-12 08:28:20 +00:00
brad
f975f83529
The pdftops filter in xpdf contains an integer overflow that can
...
be exploited to gain the privileges of the target user.
http://www.idefense.com/advisory/12.23.02.txt
2002-12-29 23:45:20 +00:00
naddy
d79d0fc832
No regression tests available.
2002-10-28 22:43:46 +00:00
pvalchev
6109dd2c35
no more need to build this static on sparc64, remove workaround
...
ld.so fix thanks to drahn@
2002-09-04 00:55:41 +00:00
brad
e6ed1a0dbf
upgrade to xpdf 1.01
2002-05-23 23:44:21 +00:00
pvalchev
6cfb29e647
temporary link xpdf static on sparc64 to workaround ld.so bug; ok brad
...
with this it works...
2002-05-08 20:33:11 +00:00
brad
8bb1abbd3c
upgrade to xpdf 1.00
2002-04-27 04:21:01 +00:00
brad
00c89eea6f
distfile does not exist on distsites so use MASTER_SITE_BACKUP for now.
2002-03-30 21:48:27 +00:00
kevlo
7276e66536
support Japanese/Chinese PDF viewing.
...
--
Submitted by Hidenori Ishikawa <hideishi@magisystem.net>;
Tested by me;
Ok'd by brad@
2001-12-13 03:26:28 +00:00
brad
91858bb23d
upgrade to xpdf 0.93
2001-11-29 16:42:41 +00:00
espie
d4a8bd7c69
full lib depends
2001-10-24 12:36:02 +00:00
brad
30c8ec7ea4
bump major for t1lib
2001-08-28 00:54:46 +00:00
brad
14ccfbe8fa
dewey dependency on t1lib.
2001-06-27 13:23:22 +00:00