openbsd-ports

Author	SHA1	Message	Date
kili	4dd01b2023	Update to xpdf-3.03.	2011-10-01 19:46:35 +00:00
stsp	1bfd6642b1	Apply a patch to fix a heap overflow (poppler has the same fix, and xpdf upstream will release this fix in xpdf-3.03). Also apply a patch that kili@ lifted from poppler some time ago. Both patches fix crashes seen with some PDF documents. ok sthen, "don't wait for me" kili	2011-03-03 21:22:13 +00:00
miod	0b43f8cc7c	Prevent more out-of-bounds aray accesses by ignoring hints referencing point numbers out of the correct range; ok kili@, riding on the update.	2010-12-04 10:45:21 +00:00
miod	81ea9ff787	Update to xpdf 3.02pl5. ok kili@	2010-12-04 10:44:31 +00:00
jasper	88c0ccc707	- add security fix for CVE-2010-3702. ok kili@ naddy@	2010-10-13 17:29:37 +00:00
jasper	bde4fd8027	Security fix for CVE-2010-3704. Patch from upstream poppler git.	2010-10-13 11:37:25 +00:00
jasper	89278da340	- give the urlCommand a slightly bigger chance of working - regen patches	2010-05-27 14:55:40 +00:00
miod	341c29a6c7	Fix possible out of bounds access in xpath code, reported upstream; bump package name. ok kili@	2009-05-30 22:35:56 +00:00
naddy	e71b604a5c	don't hardcode /usr/local and don't probe paths that don't exist on OpenBSD ok steven@, kili@, landry@, sthen@	2009-04-04 14:45:48 +00:00
deanna	7d59c0e898	Simplify anti-DRM patches. Catches a new DRM check that slipped in from upstream. Diff from brad@, inspired by Floor on ports@ ok brad@, bernd@, pvalchev@, and a special "Kill the DRM! DIE DIE DIE!!!!!!!!" from todd@	2008-04-25 19:19:05 +00:00
bernd	972e5a3c90	Security fix for CVE-2008-1693. From Debian. ok naddy@	2008-04-19 07:38:24 +00:00
landry	4a655e71a5	Add a no_x11 FLAVOR, based on an initial submission by Jeremy Evans Discussed with many on ports@ ok brad@	2008-02-10 20:25:13 +00:00
bernd	aee4790913	Update to xpdf-3.02pl2 which contains security fixes for CVE-2007-4352, CVE-2007-5392 and CVE-2007-5393. More info: http://secunia.com/secunia_research/2007-88/advisory/ testing & ok simon@, jasper@	2007-11-09 07:15:12 +00:00
naddy	ad83bdd8a8	fix ASCII85 encoding on LP64 archs	2007-08-25 14:42:37 +00:00
ckuethe	454f465537	Forgot to cvs rm this one too. Pointed out by marco	2007-03-30 04:32:13 +00:00
ckuethe	3b5bcac916	Update to xpdf 3.0.2, from Stuart Henderson and Brad Smith Includes some security fixes ok pvalchev, todd	2007-03-30 04:09:42 +00:00
bernd	5cef0e1aee	Fix heap based buffer overflow. From KDE. http://www.kde.org/info/security/advisory-20060202-1.txt ok brad@	2006-02-05 09:59:00 +00:00
bernd	73df9cb65e	Fix several security bugs in the xpdf code. o iDefense advisories from 2005-12-05 o CAN-2005-3191, CAN-2005-3192, CAN-2005-3193 - JPX Stream Reader Heap Overflow Vulnerability - DCTStream Baseline Heap Overflow Vulnerability - DCTStream Progressive Heap Overflow - StreamPredictor Heap Overflow Vulnerability Patch provided by xpdf developers.	2005-12-07 09:22:14 +00:00
brad	f78eac374a	upgrade to xpdf 3.01 Most of the update is from Bernd Ahlers <bernd at ba-net dot org>	2005-09-09 17:34:53 +00:00
naddy	9c8738ab34	Fix denial of service vulnerability. Check sanity of the TrueType "loca" table. Specially crafted broken tables caused disk space exhaustion due to very large generated glyph descriptions when attempting to fix the table. CAN-2005-2097. from Ubuntu Linux; ok brad@	2005-08-11 14:18:47 +00:00
naddy	5fde06cb73	sync patches	2005-08-10 20:27:25 +00:00
naddy	fe99af154b	SECURITY: Fix a buffer overflow due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities&flashstatus=false ok robert@	2005-01-19 16:23:16 +00:00
robert	1186293490	SECURITY: fix a buffer overflow vulnerability; bump PKGNAME; use autoconf-2.59 ok MAINTAINER (brad@)	2004-12-22 17:36:24 +00:00
naddy	398c2b8469	Remove workaround for GNU m4 incompatibility, which has been fixed in our m4.	2004-11-08 16:34:52 +00:00
naddy	1a313ddeea	freetype fixes, adapted from FreeBSD; ok brad@	2004-11-06 18:19:53 +00:00
brad	31ca292e2d	Chris Evans discovered numerous vulnerabilities in the xpdf package: Multiple integer overflow issues affecting xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. CAN-2004-0888 Multiple integer overflow issues. These can result in DoS or possibly arbitrary code execution. CAN-2004-0889 Chris also discovered issues with infinite loop logic error.	2004-10-23 02:24:36 +00:00
brad	370fbe9082	install sample xpdfrc file and fix lpr usage. From: sturm@	2004-04-06 02:35:44 +00:00
brad	54cbe89b39	upgrade to xpdf 3.00 "shitloads better rendering" - jose@	2004-01-25 06:02:40 +00:00
brad	774e18ab50	remove DRM bullshit. -- From: cloder@	2003-10-24 19:31:57 +00:00
brad	2d8ff25d82	upgrade to xpdf 2.02 -- From: naddy@	2003-05-20 00:37:10 +00:00
sturm	93a38c63c4	update to xpdf 2.01 - switch to motif toolkit - support for multiple open documents - lots of minor tweaks, bugfixes and additions, see http://www.foolabs.com/xpdf/CHANGES for details MAINTAINER ok	2003-02-12 08:28:20 +00:00
brad	f975f83529	The pdftops filter in xpdf contains an integer overflow that can be exploited to gain the privileges of the target user. http://www.idefense.com/advisory/12.23.02.txt	2002-12-29 23:45:20 +00:00
brad	e6ed1a0dbf	upgrade to xpdf 1.01	2002-05-23 23:44:21 +00:00
brad	8bb1abbd3c	upgrade to xpdf 1.00	2002-04-27 04:21:01 +00:00
brad	ead2322d22	upgrade to xpdf 0.92	2001-03-07 19:10:01 +00:00
brad	fa4e599998	upgrade to xpdf 0.91	2000-08-30 23:07:30 +00:00
brad	c2bfa5b52a	upgrade to xpdf 0.90; maintainer	1999-09-15 21:59:56 +00:00
fgsch	92d138b182	Fix it to compile using egcs.	1999-08-05 07:04:27 +00:00
marc	731905c32a	xpdf; apollo@slcnet.net	1999-01-31 00:05:45 +00:00
mickey	7910029de6	hmm, never read mail at work	1997-12-04 01:58:28 +00:00
mickey	b10c103c64	xpdf-0.7 partially from free	1997-12-03 20:36:38 +00:00

41 Commits