Commit Graph

68 Commits

Author SHA1 Message Date
naddy
ad83bdd8a8 fix ASCII85 encoding on LP64 archs 2007-08-25 14:42:37 +00:00
naddy
981e5b9829 SECURITY fix for CVE-2007-3387.
Also remove former maintainer at his request.
ok kili@
2007-07-31 21:22:16 +00:00
espie
d4ebcd974d more base64 checksums 2007-04-05 17:26:05 +00:00
ckuethe
454f465537 Forgot to cvs rm this one too. Pointed out by marco 2007-03-30 04:32:13 +00:00
ckuethe
3b5bcac916 Update to xpdf 3.0.2, from Stuart Henderson and Brad Smith
Includes some security fixes

ok pvalchev, todd
2007-03-30 04:09:42 +00:00
espie
49a9142c53 new lib specs 2006-08-03 23:55:10 +00:00
bernd
5cef0e1aee Fix heap based buffer overflow.
From KDE. http://www.kde.org/info/security/advisory-20060202-1.txt

ok brad@
2006-02-05 09:59:00 +00:00
bernd
73df9cb65e Fix several security bugs in the xpdf code.
o iDefense advisories from 2005-12-05
o CAN-2005-3191, CAN-2005-3192, CAN-2005-3193

- JPX Stream Reader Heap Overflow Vulnerability
- DCTStream Baseline Heap Overflow Vulnerability
- DCTStream Progressive Heap Overflow
- StreamPredictor Heap Overflow Vulnerability

Patch provided by xpdf developers.
2005-12-07 09:22:14 +00:00
brad
f78eac374a upgrade to xpdf 3.01
Most of the update is from Bernd Ahlers <bernd at ba-net dot org>
2005-09-09 17:34:53 +00:00
sturm
0d88196840 bump PKGNAME so that 3.7 won't have higher PKGNAMEs than 3.8
suggested by espie@, ok pval@
2005-08-31 19:55:36 +00:00
naddy
9c8738ab34 Fix denial of service vulnerability.
Check sanity of the TrueType "loca" table.  Specially crafted broken
tables caused disk space exhaustion due to very large generated glyph
descriptions when attempting to fix the table.  CAN-2005-2097.

from Ubuntu Linux; ok brad@
2005-08-11 14:18:47 +00:00
naddy
5fde06cb73 sync patches 2005-08-10 20:27:25 +00:00
naddy
fe99af154b SECURITY:
Fix a buffer overflow due to insufficient bounds checking while
processing a PDF file that provides malicious values in the /Encrypt
/Length tag.

http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities&flashstatus=false

ok robert@
2005-01-19 16:23:16 +00:00
naddy
ae76d3ea1f SIZE 2005-01-05 17:21:50 +00:00
robert
1186293490 SECURITY:
fix a buffer overflow vulnerability; bump PKGNAME; use autoconf-2.59

ok MAINTAINER (brad@)
2004-12-22 17:36:24 +00:00
alek
23b926dc64 Add WANTLIB markers 2004-12-07 00:23:20 +00:00
naddy
398c2b8469 Remove workaround for GNU m4 incompatibility, which has been fixed in our m4. 2004-11-08 16:34:52 +00:00
naddy
1a313ddeea freetype fixes, adapted from FreeBSD; ok brad@ 2004-11-06 18:19:53 +00:00
brad
31ca292e2d Chris Evans discovered numerous vulnerabilities in the xpdf package:
Multiple integer overflow issues affecting xpdf.
These can result in writing an arbitrary byte to an attacker controlled
location which probably could lead to arbitrary code execution.
CAN-2004-0888

Multiple integer overflow issues.
These can result in DoS or possibly arbitrary code execution.
CAN-2004-0889

Chris also discovered issues with infinite loop logic error.
2004-10-23 02:24:36 +00:00
espie
d1fa125d45 new plists 2004-09-15 18:39:31 +00:00
naddy
51b4d86024 drop obsolete lib requirement 2004-07-30 01:19:28 +00:00
brad
370fbe9082 install sample xpdfrc file and fix lpr usage. From: sturm@ 2004-04-06 02:35:44 +00:00
brad
8127d75ffc FreeType2 authors are brain dead. Workaround really stupid change
with FreeType2 that comes with XF 4.4.
2004-02-14 21:06:54 +00:00
brad
d08dcf874d now that there is a separate fonts package for ghostscript
use that instead.
2004-01-31 18:06:38 +00:00
brad
722abda26f better 2004-01-25 09:44:20 +00:00
brad
dba7e02584 - remove bogus --with-gzip in CONFIGURE_ARGS
- add RUN_DEPENDS on GNU ghostscript for the fonts
2004-01-25 09:37:39 +00:00
brad
54cbe89b39 upgrade to xpdf 3.00
"shitloads better rendering" - jose@
2004-01-25 06:02:40 +00:00
naddy
112339c1d4 remove WWW lines 2003-12-15 21:54:59 +00:00
brad
774e18ab50 remove DRM bullshit.
--
From: cloder@
2003-10-24 19:31:57 +00:00
brad
92fc00317d upgrade to xpdf 2.02pl1
fixes a flaw where an attacker can embed malicious hyperlinks that if
activated can execute arbitrary shell commands.

http://marc.theaimsgroup.com/?l=full-disclosure&m=105555332025253&w=2
2003-06-19 12:00:47 +00:00
brad
2d8ff25d82 upgrade to xpdf 2.02
--
From: naddy@
2003-05-20 00:37:10 +00:00
sturm
93a38c63c4 update to xpdf 2.01
- switch to motif toolkit
- support for multiple open documents
- lots of minor tweaks, bugfixes and additions, see
  http://www.foolabs.com/xpdf/CHANGES for details

MAINTAINER ok
2003-02-12 08:28:20 +00:00
brad
f975f83529 The pdftops filter in xpdf contains an integer overflow that can
be exploited to gain the privileges of the target user.

http://www.idefense.com/advisory/12.23.02.txt
2002-12-29 23:45:20 +00:00
naddy
d79d0fc832 No regression tests available. 2002-10-28 22:43:46 +00:00
pvalchev
6109dd2c35 no more need to build this static on sparc64, remove workaround
ld.so fix thanks to drahn@
2002-09-04 00:55:41 +00:00
brad
e6ed1a0dbf upgrade to xpdf 1.01 2002-05-23 23:44:21 +00:00
pvalchev
6cfb29e647 temporary link xpdf static on sparc64 to workaround ld.so bug; ok brad
with this it works...
2002-05-08 20:33:11 +00:00
brad
8bb1abbd3c upgrade to xpdf 1.00 2002-04-27 04:21:01 +00:00
brad
00c89eea6f distfile does not exist on distsites so use MASTER_SITE_BACKUP for now. 2002-03-30 21:48:27 +00:00
kevlo
7276e66536 support Japanese/Chinese PDF viewing.
--
Submitted by Hidenori Ishikawa <hideishi@magisystem.net>;
Tested by me;
Ok'd by brad@
2001-12-13 03:26:28 +00:00
brad
91858bb23d upgrade to xpdf 0.93 2001-11-29 16:42:41 +00:00
espie
d4a8bd7c69 full lib depends 2001-10-24 12:36:02 +00:00
brad
30c8ec7ea4 bump major for t1lib 2001-08-28 00:54:46 +00:00
brad
14ccfbe8fa dewey dependency on t1lib. 2001-06-27 13:23:22 +00:00
brad
a749e3af31 - integrate COMMENT
- bump NEED_VERSION
- add USE_X11
2001-04-15 23:10:36 +00:00
brad
caed3f3d96 - bump t1lib major rev in dependency entry.
- takeover as MAINTAINER.
- remove freetype FLAVOR and just include it by default.
2001-03-10 17:23:27 +00:00
brad
ead2322d22 upgrade to xpdf 0.92 2001-03-07 19:10:01 +00:00
danh
3bb680a697 MAINTAINER set to ports@openbsd.org. This was requested by the
previous maintainer as he no longer has time to maintain this.
2001-03-03 19:19:12 +00:00
brad
73d37a6d73 - make use of t1lib
- add a FLAVOR to use the freetype library
2000-08-31 09:31:45 +00:00
brad
fa4e599998 upgrade to xpdf 0.91 2000-08-30 23:07:30 +00:00