Package Release Info

mupdf-1.12.0-bp151.4.3.1

Update Info: openSUSE-2021-1341
Available in Package Hub : 15 SP1 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

mupdf
mupdf-devel-static

Change Logs

* Mon Sep 20 2021 Dan ?ermák <dcermak@suse.com>
- Add patches for CVE-2020-16600 and CVE-2020-19609
  * add 0001-Bug-701176-Handle-TIFFs-with-alpha-that-have-more-th.patch:
    fixes boo#1190176 aka CVE-2020-19609
  * add 0002-Bug-702253-Avoid-a-use-after-free-in-fz_drop_band_wr.patch:
    fixes boo#1190175 aka CVE-2020-16600
Version: 1.12.0-bp150.2.3
* Wed Feb 14 2018 crrodriguez@opensuse.org
-mupdf-no-strip.patch: fix debuginfo generation
* Wed Feb 14 2018 crrodriguez@opensuse.org
- Remove xorg-x11-devel from buildrequires
* Mon Feb 12 2018 kbabioch@suse.com
- Add CVE-2018-1000051.patch: Fix a Use After Free vulnerability in
  fz_keep_key_storable that can potentially result in DoS / remote
  code execution (CVE-2018-1000051 bsc#1080531)
* Tue Feb 06 2018 meissner@suse.com
- use freetype2-devel explictily as buildrequires
* Fri Feb 02 2018 kbabioch@suse.com
- CVE-2018-6192.patch: Use official fix from usptream (CVE-2018-6192
  boo#1077755)
* Fri Feb 02 2018 kbabioch@suse.com
- Add CVE-2018-6544.patch to fix a DoS in pdf_load_obj_stm within in
  pdf/pdf-xref.c (CVE-2018-6544 boo#1079100)
- Add CVE-2018-6192.patch to fix a DoS in pdf_read_new_xref within
  pdf/pdf-xref.c via crafted PDF file (CVE-2018-6192 boo#1077755)
* Fri Feb 02 2018 kbabioch@suse.com
- CVE-2018-6192.patch: Use official fix from usptream (CVE-2018-6192
  boo#1077755)
* Tue Jan 23 2018 kbabioch@suse.com
- Add CVE-2017-17858.patch to fix an heap-based buffer overflow
  CVE-2017-17858 bsc#1077161
* Mon Jan 22 2018 idonmez@suse.com
- Add CVE-2018-5686.patch to fix an infinite loop
  CVE-2018-5686 bsc#1075936
* Sun Jan 14 2018 avindra@opensuse.org
- Update to version 1.12.0
  * Color Management:
    + LCMS2 library for color management
    + CMYK rendering with overprint simulation
    + Spot color rendering
    + Transparency rendering fixes
  * Structured text output improvements:
    + Reworked structured text API
    + Faster text searching
    + Highlight and copy text by selecting lines instead of by
    area
    + New semantic XHTML output format
    + New layout preserving HTML output format
  * Features and improvements:
    + Improved non-AA rendering with new scan converter
    + Improved LARGEFILE support
    + Improved TIFF support
    + Improved documentation
    + PCLm output.
    + PSD output.
    + New "mutool trace" tool.
    + New "mutool sign" tool (work in progress).
    + Text redaction (work in progress).
    + Lots of bug fixes.
- Strip "-source" from tarball name
- Switch to xz release (13mb smaller)
- rebase fix-openjpeg-flags.patch
- drop reproducible.patch
  * fixed upstream in 081d4c72430e3077a05499c783d9fbe24361b368
- Fixes CVE-2017-15369 (bsc#1063413), CVE-2017-15587 (bsc#1064027)
* Fri Nov 10 2017 aloisio@gmx.com
- Update to version 1.11
  * This is primarily a bug fix release.
  * PDF portfolio support with command line tool "mutool
    portfolio".
  * Add callbacks to load fallback fonts from the system.
  * Use system fonts in Android to reduce install size.
  * Flag to disable publisher styles in EPUB layout.
  * Improved SVG output.
- Refreshed fix-openjpeg-flags.patch and reproducible.patch
- Dropped CVE-2017-5896.patch, bsc1023760.patch,
  CVE-2016-10221.patch, CVE-2016-8728.patch, CVE-2017-7976.patch,
  CVE-2016-10132.patch, CVE-2016-10133.patch,
  CVE-2016-10141.patch, CVE-2017-5627.patch
  and CVE-2017-5628.patch (merged or adapted upstream)
* Thu Aug 03 2017 idonmez@suse.com
- Add CVE-2016-10221.patch, CVE-2016-8728.patch and
  CVE-2017-7976.patch to fix CVE-2016-10221, CVE-2016-8728,
  CVE-2016-8729 and CVE-2017-7976
  bsc#1032140 bsc#1039850 bsc#1052029
* Mon May 29 2017 bwiedemann@suse.com
- Add reproducible.patch to sort input files to make build reproducible
  (boo#1041090)
* Thu Apr 27 2017 idonmez@suse.com
- mupdf is not a terminal app boo#1036637
* Fri Feb 10 2017 idonmez@suse.com
- Add bsc1023760.patch to fix writing svg output to stdout if no
  output specified bsc#1023760
* Fri Feb 10 2017 idonmez@suse.com
- Add CVE-2017-5896.patch to fix a heap overflow
  CVE-2017-5896 bsc#1023761 bsc#1024679
* Mon Feb 06 2017 idonmez@suse.com
- Add CVE-2017-5627.patch and CVE-2017-5628.patch fixes
  CVE-2017-5627 and CVE-2017-5628 bsc#1022503 bsc#1022504
* Tue Jan 24 2017 idonmez@suse.com
- Add CVE-2016-10132.patch, CVE-2016-10133.patch and
  CVE-2016-10141.patch to fix CVE-2016-10132, CVE-2016-10133 and
  CVE-2016-10141 bsc#1019877
* Tue Dec 20 2016 idonmez@suse.com
- Update to version 1.10a
  * A bug with mutool and saving PDF files using the 'ascii'
    option has been fixed.
- Add fix-openjpeg-flags.patch to stop defining OPJ_STATIC,
  this is https://github.com/uclouvain/openjpeg/issues/802
* Thu Nov 24 2016 idonmez@suse.com
- Update to version 1.10
  * FictionBook (FB2) e-book support.
  * Simple SVG parser (a small subset of SVG only).
  * mutool convert: a new document conversion tool and interface.
  * Multi-threaded rendering in mudraw.
  * Updated base 14 fonts from URW.
  * New CJK font with language specific variants.
  * Hyperlink support in EPUB.
  * Alpha channel is now optional in pixmaps.
  * More aggressive purging of cached objects.
  * Partial image decoding for lower memory use when banding.
  * Reduced default set of built-in CMap tables to the minimum required.
  * FZ_ENABLE_PDF, _XPS, _JS, to disable features at compile time.
  * Function level linking.
  * Dropped pdf object generation numbers from public interfaces.
  * Simplified PDF page, xobject, and annotation internals.
  * Closing and freeing devices and writers are now separate steps.
  * Improved PDF annotation editing interface (still a work in progress).
  * Document writer interface.
  * Banded image writer interface.
- Drop CVE-2016-6265.patch and mupdf-fix-openjpeg2.patch,
  both are fixed upstream.