Versions
v4.05-r1 :: 0 :: gentoo
- Modified
- License
- || ( GPL-2 GPL-3 ) i18n? ( BSD )
- Keywords
- amd64 x86
- USE flags
- cmyk cups fontconfig i18n icons libpaper metric opi png textselect utils verify-sig
USE flags
General
- cmyk
- Include support for CMYK rasterization
- cups
- Add support for CUPS (Common Unix Printing System)
- fontconfig
- Support for configuring and customizing font access via media-libs/fontconfig
- i18n
- Enable support non-UTF8 national charsets
- icons
- Generate desktop PNG icons using rsvg-convert from gnome-base/librsvg
- libpaper
- Use app-text/libpaper to get paper preferences
- metric
- Use A4 instead of US Letter paper size by default for PostScript output. This option has effect only if libpaper USE flag is disabled
- opi
- Include support for OPI (Open Prepress Interface) comments
- png
- Add support for libpng (PNG images)
- textselect
- Allow text selection
- utils
- Install command-line PDF converters and various utilities
- verify-sig
- Verify upstream signatures on distfiles
Dependencies
app-text / libpaper : Library for handling paper characteristics
dev-qt / qtbase : Cross-platform application development framework
media-libs / fontconfig : A library for configuring and customizing font access
media-libs / freetype : High-quality and portable font engine
media-libs / libpng : Portable Network Graphics library
Runtime Dependencies
app-text / libpaper : Library for handling paper characteristics
dev-qt / qtbase : Cross-platform application development framework
dev-qt / qtsvg : SVG rendering library for the Qt6 framework
media-fonts / urw-fonts : (URW)++ base 35 font set
media-libs / fontconfig : A library for configuring and customizing font access
media-libs / freetype : High-quality and portable font engine
media-libs / libpng : Portable Network Graphics library
Bugs
- 740260
- app-text/xpdf: Multiple vulnerabilities (CVE-2020-{24996,24999})
- 856475
- app-text/xpdf: multiple vulnerabilities ("fixed in xpdf-5")
- 881351
- app-text/xpdf: multiple vulnerabilities
- 905207
- app-text/xpdf: multiple vulnerabilities
- 955692
- app-text/xpdf-4.05-r1 - [cmake-4] -- Configuring incomplete, errors occurred!
Change logs
- Repository mirror & CI · gentoo
Merge updates from master - Andreas Sturmlechner · gentoo
app-text/xpdf: Drop IUSE qt6 (Qt5 build option)
The question remains why we added back an old PDF toolkit with plenty of known security holes fixed by poppler since forking XPDF-3. Yeah right, "fixed in xpdf-5" which has not become a thing since 2022. But at the very least it must not block Qt5 cleanup. Held my nose and just dropped that. Bug: https://bugs.gentoo.org/856475 Closes: https://bugs.gentoo.org/939729 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Michał Górny · gentoo
app-text/xpdf: Remove old
Signed-off-by: Michał Górny <mgorny@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: Stabilize 4.05 amd64, #938251
Signed-off-by: Sam James <sam@gentoo.org> - Sam James · gentoo
app-text/xpdf: Stabilize 4.05 x86, #938251
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: drop 4.04-r1
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: Stabilize 4.04-r2 x86, #936403
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: Stabilize 4.04-r2 amd64, #936403
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: add 4.05
* Add qt6 support per bug 925519, use updated font-paths patch from Andrii Batyiev. * Update simplified Chinese and Korean language support packages. * Fix the following CVEs: - CVE-2018-7453 PDF object loop in AcroForm::scanField - CVE-2018-16369 PDF object loop in AcroForm::scanField - CVE-2019-9587 PDF object loop in Catalog::countPageTree - CVE-2019-9588 PDF object loop in Catalog::countPageTree - CVE-2019-16088 PDF object loop in Catalog::countPageTree - CVE-2022-30524 logic bug in text extractor led to invalid memory access - CVE-2022-30775 integer overflow in rasterizer - CVE-2022-33108 PDF object loop in Catalog::countPageTree - CVE-2022-36561 PDF object loop in AcroForm::scanField - CVE-2022-38222 logic bug in JBIG2 decoder - CVE-2022-38334 PDF object loop in Catalog::countPageTree - CVE-2022-38928 missing bounds check in CFF font converter caused null pointer dereference - CVE-2022-41842 PDF object loop in Catalog::countPageTree - CVE-2022-41843 missing bounds check in CFF font parser caused invalid memory access - CVE-2022-41844 PDF object loop in AcroForm::scanField - CVE-2022-43071 PDF object loop in Catalog::readPageLabelTree2 - CVE-2022-43295 PDF object loop in Catalog::countPageTree - CVE-2022-45586 PDF object loop in Catalog::countPageTree - CVE-2022-45587 PDF object loop in Catalog::countPageTree - CVE-2023-2662 Divide-by-zero in Xpdf 4.04 due to bad color space object - CVE-2023-2663 PDF object loop in Catalog::readPageLabelTree2 - CVE-2023-2664 PDF object loop in Catalog::readEmbeddedFileTree - CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size - CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references Closes: https://bugs.gentoo.org/925519 Bug: https://bugs.gentoo.org/845027 Bug: https://bugs.gentoo.org/856475 Bug: https://bugs.gentoo.org/881351 Bug: https://bugs.gentoo.org/908037 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: remove unused cmake variable
CMAKE_DISABLE_FIND_PACKAGE_Qt4 is never used if either qt6 or qt5 are found, so it can be safely removed to fix QA warning. Closes: https://bugs.gentoo.org/917451 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Andrew Savchenko · gentoo
app-text/xpdf: remove unused cmake variable
CMAKE_DISABLE_FIND_PACKAGE_Qt4 is never used if either qt6 or qt5 are found, so it can be safely removed to fix QA warning. Bug: https://bugs.gentoo.org/917451 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: fix urw font paths
Closes: https://bugs.gentoo.org/916446 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Paul Zander · gentoo
app-text/xpdf: fix build with installed Qt6
Closes: https://bugs.gentoo.org/910166 Signed-off-by: Paul Zander <negril.nx+gentoo@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/33618 Signed-off-by: Florian Schmaus <flow@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Mike Gilbert · gentoo
Remove BROOT from VERIFY_SIG_OPENPGP_KEY_PATH
Signed-off-by: Mike Gilbert <floppym@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: fix build w/ libpaper-2
Closes: https://bugs.gentoo.org/870217 Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: add libpaper slot dep
ABI broke. Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: check singnature only for the source tarball
Upstream provides GPG signature for the source tarball, but not for i18n charset tarballs. So manual verification of the source tarball is required instead of default verify-all action. Closes: https://bugs.gentoo.org/857258 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: drop 4.03
Bug: https://bugs.gentoo.org/840873 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-text/xpdf: x86 stable wrt bug #856010
Package-Manager: Portage-3.0.30, Repoman-3.0.3 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
app-text/xpdf: amd64 stable wrt bug #856010
Package-Manager: Portage-3.0.30, Repoman-3.0.3 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: Update to 4.04.
This fixes numerous security issues. Bug: https://bugs.gentoo.org/840873 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: remove old
Bug: https://bugs.gentoo.org/755938 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: Stabilize 4.03 amd64, #755938
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Sam James · gentoo
app-text/xpdf: Stabilize 4.03 x86, #755938
Signed-off-by: Sam James <sam@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: version bump
This is mostly a bugfix release, it fixes plentiful of bugs (see CHANGES) including many security issues, including but not limited to CVE-2020-{25725,35376}. Bug: https://bugs.gentoo.org/755938 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Andrew Savchenko · gentoo
app-text/xpdf: update download links
Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Andrew Savchenko · gentoo
app-text/xpdf: update license
It is either GPLv2 or GPLv3, not mix of both; see README: Xpdf is licensed under the GNU General Public License (GPL), version 2 or 3. This means that you can distribute derivatives of Xpdf under any of the following: - GPL v2 only - GPL v3 only - GPL v2 or v3 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: switch from inkscape to rsvg-convert
rsvg-convert is faster, more lightweight and less troublesome dependency than inkscape, so use it for png generation. This is a better fix of bug 739166. Bug: https://bugs.gentoo.org/739166 Package-Manager: Portage-3.0.9, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: migrate from cmake-utils to cmake eclass
Package-Manager: Portage-3.0.6, Repoman-3.0.1 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: workaround inkscape sandbox violations
Closes: https://bugs.gentoo.org/739166 Package-Manager: Portage-3.0.6, Repoman-3.0.1 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: drop old
Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-text/xpdf: x86 stable wrt bug #720104
Package-Manager: Portage-2.3.89, Repoman-2.3.20 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Agostino Sarubbo · gentoo
app-text/xpdf: amd64 stable wrt bug #720104
Package-Manager: Portage-2.3.89, Repoman-2.3.20 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: drop old
Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Andrew Savchenko · gentoo
app-text/xpdf: fix dep on dev-qt/qtprintsupport
Closes: https://bugs.gentoo.org/720022 Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: fix deps and build issues
- Add missing qtsvg runtime dependency. - Add fontconfig optional dependency and USE flag. - Since 1.0 devel versions inkscape changed CLI options for file export. Take this into account to allow icons generations using both old and new versions of inkscape. Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: remove old and vulnerable versions
Bug: https://bugs.gentoo.org/711146 Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-text/xpdf: x86 stable wrt bug #711146
Package-Manager: Portage-2.3.89, Repoman-2.3.20 RepoMan-Options: --include-arches="x86" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-text/xpdf: amd64 stable wrt bug #711146
Package-Manager: Portage-2.3.89, Repoman-2.3.20 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: fix CVE-2019-17064
Fix NULL pointer dereference by initializing field before use. https://forum.xpdfreader.com/viewtopic.php?f=3&t=41890#p42672 Bug: https://bugs.gentoo.org/711146 Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: Add desktop files and icons
Also add USE=icons to generate PNG icon files since not all DE/WMs can work with SVG. Closes: https://bugs.gentoo.org/705344 Package-Manager: Portage-2.3.82, Repoman-2.3.20 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Agostino Sarubbo · gentoo
app-text/xpdf: amd64 stable wrt bug #698640
Package-Manager: Portage-2.3.76, Repoman-2.3.16 RepoMan-Options: --include-arches="amd64" Signed-off-by: Agostino Sarubbo <ago@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Thomas Deutschmann · gentoo
app-text/xpdf: x86 stable (bug #698640)
Package-Manager: Portage-2.3.78, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: remove old and vulnerable version
Package-Manager: Portage-2.3.77, Repoman-2.3.17 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: version bump
Bump to xpdf-4.02. This fixes many bugs including CVEs. Package-Manager: Portage-2.3.77, Repoman-2.3.17 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: remove old and vulnerable version
Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Andrew Savchenko · gentoo
app-text/xpdf: security version bump
xpdf-4.01.01 fixes several vulnerabilities and problems reported by Loginsoft, including CVE-2019-9589. CVE-2019-9588 and CVE-2019-9587 are probably fixed as well, but it is not clear from ChangeLog: The PDFDoc(BaseStream) initializer wasn't working correctly. Fixed a missing array bounds check in PSOutputDev. [Thanks to Loginsoft for the bug report.] ^-- CVE-2019-9589 If the "U" string used for RC4 decryption is short, Adobe apparently zero-pads it, so Xpdf now does the same. ^-- Maybe CVE-2019-9588 Pdffonts now checks more carefully for loops between objects. ^-- Looks like CVE-2019-9587 Fixed a problem parsing large real numbers. [Thanks to Loginsoft for the bug report.] Bug: https://bugs.gentoo.org/681112 Bug: https://bugs.gentoo.org/681140 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> - Repository mirror & CI · gentoo
Merge updates from master - Andrew Savchenko · gentoo
app-text/xpdf: re-add to the tree
Xpdf is back on track again with modern interface and active development :) Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>