* Wed Jan 12 2022 Danilo Spinella <danilo.spinella@suse.com>
- Update to version 1.9.14:
* BMP image support is now deprecated and will be removed in a future
release of HTMLDOC.
* Fixed a potential stack overflow bug with GIF images.
* Fixed the PDF creation date (Issue #455)
* Fixed a potential stack overflow bug with BMP images (Issue #456)
* Fixed a compile issue when libpng was not available (Issue #458)
- Update to version 1.9.13:
* Now install a 32x32 icon for Linux (Issue #432)
* Fixed an issue with large values for roman numerals and letters in headings (Issue #433)
* Fixed a crash bug when a HTML comment contains an invalid nul character (Issue #439)
* Fixed a crash bug with bogus BMP images (Issue #444)
* Fixed a potential heap overflow bug with bogus GIF images (Issue #451)
* Fixed a potential stack overflow bug with bogus BMP images (Issue #453)
- Fix CVE-2021-43579 stack-based buffer overflow in image_load_bmp() results in remote code
execution if the victim converts an HTML document linking to a crafted BMP file.
(CVE-2021-43579, bsc#1194487)
- Remove upstreamed patch htmldoc-CVE-2021-40985.patch
* Fri Nov 05 2021 pgajdos@suse.com
- security update
- added patches
fix CVE-2021-40985 [bsc#1192357], buffer overflow may lead to DoS via a crafted BMP image
+ htmldoc-CVE-2021-40985.patch
Version: 1.9.12-bp153.2.12.1
* Fri Apr 29 2022 pgajdos@suse.com
- choose saner name for patches
- patches
- htmldoc.openSUSE_Backports_SLE-15-SP3_Update-CVE-2021-40985.patch (upstreamed)
- htmldoc.openSUSE_Backports_SLE-15-SP3_Update-CVE-2021-43579.patch (upstreamed)
- htmldoc.openSUSE_Backports_SLE-15-SP3_Update-CVE-2022-0534.patch (upstreamed)
- htmldoc.openSUSE_Backports_SLE-15-SP3_Update-CVE-2022-24191.patch (upstreamed)
- renamed to
+ htmldoc-CVE-2021-40985.patch
+ htmldoc-CVE-2021-43579.patch
+ htmldoc-CVE-2022-0534.patch
+ htmldoc-CVE-2022-24191.patch
* Fri Apr 29 2022 pgajdos@suse.com
- security update
- added patches
fix CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function pdf_write_names in ps-pdf.cxx
+ htmldoc-CVE-2022-28085.patch
Version: 1.9.12-bp151.4.3.1
* Tue Jun 01 2021 Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 1.9.12
* Fixed buffer-overflow CVE-2021-20308 ( boo#1184424 )
* Fixed a crash bug with "data:" URIs and EPUB output
* Fixed several other crash bugs
* Fixed JPEG error handling
* Fixed some minor issues
* Removed the bundled libjpeg, libpng, and zlib.
* Fri Jan 29 2021 Dirk Müller <dmueller@suse.com>
- update to 1.9.11:
- Added high-resolution desktop icons for Linux.
- Updated the internal HTTP library to fix truncation of redirection URLs
- Fixed a regression in the handling of character entities for UTF-8 input
- The `--numbered` option did not work when the table-of-contents was disabled
- Updated local zlib to v1.2.11.
- Updated local libpng to v1.6.37.
- Fixed packaging issues on macOS and Windows
- Now ignore sRGB profile errors in PNG files
- The GUI would crash when saving
- Page comments are now allowed in `pre` text
* Tue Aug 18 2020 Dirk Mueller <dmueller@suse.com>
- update to 1.9.9:
- Added support for a `HTMLDOC.filename` META keyword that controls the filename
reported in CGI mode; the default remains "htmldoc.pdf" (Issue #367)
- Fixed a paragraph formatting issue with large inline images (Issue #369)
- Fixed a buffer underflow issue (Issue #370)
- Fixed PDF page numbers (Issue #371)
- Added support for a new `L` header/footer format (`$LETTERHEAD`), which
inserts a letterhead image at its full size (Issue #372, Issue #373,
Issue #375)
- Updated the build documentation (Issue #374)
- Refactored the PRE rendering code to work around compiler optimization bugs
- Added support for links with targets (Issue #351)
- Fixed a table rowspan + valign bug (Issue #360)
- Added support for data URIs (Issue #340)
- HTMLDOC no longer includes a PDF table of contents when converting a single
web page (Issue #344)
- Updated the markdown support with external links, additional inline markup,
and hard line breaks.
- Links in markdown text no longer render with a leading space as part of the
link (Issue #346)
- Fixed a buffer underflow bug discovered by AddressSanitizer.
- Fixed a bug in UTF-8 support (Issue #348)
- PDF output now includes the base language of the input document(s)
- Optimized the loading of font widths (Issue #354)
- Optimized PDF page resources (Issue #356)
- Optimized the base memory used for font widths (Issue #357)
- Added proper `­` support (Issue #361)
- Title files can now be markdown.
- The GUI did not support EPUB output.
- Empty markdown table cells were not rendered in PDF or PostScript output.
- The automatically-generated title page now supports both "docnumber" and
"version" metadata.
- Added support for dc:subject and dc:language metadata in EPUB output from the
HTML keywords and lang values.
- Added support for the subject and language metadata in markdown input.
- Fixed a buffer underflow bug (Issue #338)
- `htmldoc --help` now reports whether HTTPS URLs are supported (Issue #339)
- Fixed an issue with HTML title pages and EPUB output.
- Inline fixed-width text is no longer reduced in size automatically
- Optimized initialization of font width data (Issue #334)
- Fixed formatting bugs with aligned images (Issue #322, Issue #324)
- Fixed support for three digit "#RGB" color values (Issue #323)
- Fixed character set support for markdown metadata.
- Updated libpng to v1.6.34 (Issue #326)
- The makefiles did not use the CPPFLAGS value (Issue #328)
- Added Markdown table support.
- Fixed parsing of TBODY, TFOOT, and THEAD elements in HTML files.
Version: 1.9.1-bp150.2.2
* Mon Dec 04 2017 mpluskal@suse.com
- Update to new version 1.9.1:
* Fixed monospace font size issue
* Added support for reproducible builds
* Added limited support for the HTML 4.0 SPAN element
* Added (extremely limited) UTF-8 support for input files
* Fixed buffer underflow for (invalid) short HTML comments
* Now indent PRE text, by popular request.
* EPUB output now makes sure that <element property> is written
as <element property="property">.
* Now support both NAME and ID for table-of-contents targets.
* Added support for repeating a single header row for tables that
span multiple pages
* Added support for embedding the current filename/URL in the
header or footer
* Added EPUB support
* Added Markdown support
* Fixed a regression in header/footer image scaling
* Documentation updates
* Compiler fixes
* Fixed a bug when running HTMLDOC as a macOS application.
* Updated the bundled libpng to v1.6.29.
* And many more
- Drop upstreamed htmldoc-cups_rand.patch and no longer needed
htmldoc-docpath.diff
- Lots of spec file cleaning
- Use gnutls/gcrypt for crypto support as openssl support is gone
* Sat Mar 11 2017 sfalken@opensuse.org
- Edited %files to clear unpackaged files builderror in
openSUSE:Factory
* Mon May 02 2016 mpluskal@suse.com
- Cleanup spec file with spec-cleaner
- Use macro for configure
Version: 1.8.28-3.1
* Wed Feb 25 2015 benoit.monin@gmx.fr
- update to version 1.8.28:
* Updated default PDF version to 1.4.
* SECURITY: Fixed three buffer overflow issues when reading AFM
files and parsing page sizes.
* Fixed incompatibility with Fortify's version of strcpy, which
does not work properly with variable-length arrays (STR #235)
* Fixed compilation against PNG library 1.5 or later (STR #243)
* Fixed documentation errors (PR #6593, PR #6595)
* Marked Zapf-Dingbats as a standard font (STR #198)
* Fixed GPL license text in GUI (STR #222)
* Fixed a table formatting problem when a column has multiple
colspan values (PR #6709)
* Fixed parsing of HTML comments (STR #181)
* Fixed potential out-of-bounds read in table-of-contents
rendering code (STR #183)
* Fixed handling of image URLs with ampersands in them (STR #186)
* Fixed top/bottom margins for logo and header/footer images
(STR #174)
* Fixed image alignment bug (Bug #231)
* Fixed X11 build problem (Bug #243)
- add source url
- drop the following patches after upstream fix:
* htmldoc_CVE-2009-3050_535943.diff
* htmldoc-fortify.diff
* htmldoc-libpng15.diff
* htmldoc-link-x11.patch
- refresh patch htmldoc-docpath.diff
- add patch htmldoc-cups_rand.patch to work around a build error
(upstream bug #510)
- remove now unused --with-fltk configure options
- set datadir for make install
- do not package doc/ source directory: documentation is already
provided by htmldoc.pdf
- remove COMPILE.txt from doc: useless in a rpm
- add -q to %setup to avoid spamming the build log
* Fri Apr 19 2013 dimstar@opensuse.org
- Add htmldoc-link-x11.patch: link the GUI app against libX11.
* Tue Sep 04 2012 pgajdos@suse.com
- builds also against libpng15
* libpng15.patch
* Tue Dec 20 2011 coolo@suse.com
- add autoconf as buildrequire to avoid implicit dependency
* Tue Dec 20 2011 coolo@suse.com
- remove call to suse_update_config (very old work around)
* Mon Feb 15 2010 rguenther@suse.de
- Fix stricter fortification fallout with GCC 4.5.
* Fri Dec 11 2009 lmuelle@suse.de
- Fix buffer overflow in the set_page_size function; CVE-2009-3050;
(bnc#535943).
* Thu Aug 03 2006 lmuelle@suse.de
- Update to version 1.8.27.
+ Fixed a crash bug that appeared when more than 10 blank
pages were present in a document (PR #6223)
+ Color changes were not reflected in PRE text (STR #129)
+ Remote URLs did not always work on older operating
systems (PR #6179)
+ Image filenames using % escapes were not decoded
properly.
+ Rows using BGCOLOR that spanned across multiple pages
did not render properly (PR #6149)
+ Rows no longer start on a new page due to a cell with
both HEIGHT and ROWSPAN specified (PR #6086)
+ CMYK JPEG images caused HTMLDOC to crash (PR #6106)
+ Table cell width calculations didn't always account for
the proper minimum width (STR #121)
+ Images were not copied when generating indexed HTML
output to a directory (STR #117)
+ Changing the bottom margin resulted in text that was
formatted below the bottom margin.
+ The Monospace-Oblique font was not embedded properly in
PDF files.
+ Outline and keyword strings in PDF files are now stored
as Unicode (STR #113)
+ The Flate compression code could get in an infinite
loop if it ran out of memory (STR #101)
+ Book files saved from the GUI did not handle filenames
with spaces (STR #105)
+ Fixed and re-enabled the ASCII85Device filter support
in PostScript Level 2/3 output (STR #116)
+ Character entities in the first word of a file were not
rendered properly (STR #111)
+ Fixed-size table columns were incorrectly resized when
a table width was also specified and there was extra
space to distribute (PR #6062)
+ Text could "walk" up or down when in-line images were
used (PR #6034)
+ Row backgrounds incorrectly replaced cell backgrounds
when the first cell in a row used ROWSPAN (PR #6033, PR
[#6036])
+ HTMLDOC did not correctly parse FONT FACE attributes
(PR #6006)
+ Images in Level 2/3 PostScript output did not work on
some printers (PR #6000)
+ The GUI did not use the first page header (PR #5978)
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Tue Nov 22 2005 lmuelle@suse.de
- Update to version 1.8.25.
* Wed Dec 08 2004 lmuelle@suse.de
- Update to version 1.8.24; [#43261].
* Mon May 17 2004 lmuelle@suse.de
- Add -fno-strict-aliasing to CFLAGS.
* Sun Mar 21 2004 ro@suse.de
- removed .orig file
* Sat Jan 10 2004 adrian@suse.de
- add %defattr
* Mon Feb 24 2003 gd@suse.de
- update to version 1.8.23
* Fri Aug 16 2002 ro@suse.de
- removed empty post/postun scripts (#17875) (again)
* Fri Aug 16 2002 gd@suse.de
- update to version 1.8.21
* Mon Aug 12 2002 ro@suse.de
- fix compilation with new fltk
* Thu Jul 04 2002 gd@suse.de
- update to version 1.8.20
- added diff to correct DOCDIR-path and missing fonts
- cleanups (%files, %{_mandir})
* Tue Feb 05 2002 gd@suse.de
- added libpng to neededforbuild