{"bugs":[{"bugid":740260,"firstseen":"2020-09-04T03:54:57.295461","severity":"normal","status":"CONFIRMED","summary":"app-text\/xpdf: Multiple vulnerabilities (CVE-2020-{24996,24999})"},{"bugid":856475,"firstseen":"2022-07-05T06:04:29.610120","severity":"minor","status":"CONFIRMED","summary":"app-text\/xpdf: multiple vulnerabilities (\"fixed in xpdf-5\")"},{"bugid":881351,"firstseen":"2022-11-14T22:52:13.404017","severity":"normal","status":"CONFIRMED","summary":"app-text\/xpdf: multiple vulnerabilities"},{"bugid":905207,"firstseen":"2023-04-28T04:46:47.705243","severity":"normal","status":"CONFIRMED","summary":"app-text\/xpdf: multiple vulnerabilities"}],"categories":[{"categoryid":391,"name":"app-text","summary":"The app-text category contains tools for working with human-language text files."},{"categoryid":472,"name":"dev-qt","summary":"The dev-qt category contains packages for the Qt framework modules and directly related libraries and development applications from the upstream Qt Project. Do not add other packages to this category."},{"categoryid":415,"name":"media-fonts","summary":"The media-fonts category contains fonts."},{"categoryid":438,"name":"media-libs","summary":"The media-libs category contains media-related libraries."},{"categoryid":369,"name":"net-print","summary":"The net-print category contains network printing packages."},{"categoryid":381,"name":"sys-libs","summary":"The sys-libs category contains various system-level libraries."}],"changelog":[{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"64136a1188f17af82466c26c771e2e3127fcf5ba","committime":"2025-04-21T08:31:33","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"asturm@gentoo.org","authorname":"Andreas Sturmlechner","body":"The question remains why we added back an old PDF toolkit with plenty\nof known security holes fixed by poppler since forking XPDF-3.\n\nYeah right, \"fixed in xpdf-5\" which has not become a thing since 2022.\n\nBut at the very least it must not block Qt5 cleanup. Held my nose and\njust dropped that.\n\nBug: https:\/\/bugs.gentoo.org\/856475\nCloses: https:\/\/bugs.gentoo.org\/939729\nSigned-off-by: Andreas Sturmlechner ","commitid":"10290aa19fe42fb2289984941a129fc689de1ff5","committime":"2025-04-21T07:57:39","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Drop IUSE qt6 (Qt5 build option)"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"e8b7ad9712c0b7d2993246ccd5679395a0f0a7f4","committime":"2024-11-01T09:18:28","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"mgorny@gentoo.org","authorname":"Michał Górny","body":"Signed-off-by: Michał Górny ","commitid":"4e95f50977c6236c79dffb1cbeea2db7957d6276","committime":"2024-11-01T09:00:55","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Remove old"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"f1c8b22c94c8e5d7ba373f84365bcc405ee851b9","committime":"2024-08-20T18:18:53","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"90b3cf17341ba3bf83e90aed5ba59b51617583c1","committime":"2024-08-20T18:04:45","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.05 amd64, #938251"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"50964b418f5e6529bac293b9c54b06f5796410ef","committime":"2024-08-20T18:04:43","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.05 x86, #938251"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"304577bc93a05ff2cf3d5e98f5325656eb81a31c","committime":"2024-07-21T19:48:53","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Signed-off-by: Andrew Savchenko ","commitid":"2dcc6653e8f396807dfe983975520ae0f000c832","committime":"2024-07-21T19:36:12","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: drop 4.04-r1"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"fcf7deb26ad625b1ebaa914f4ef63cc8f729bfdb","committime":"2024-07-21T00:48:50","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"8f72753fe5fff3bb972c4f824308ebe862a94439","committime":"2024-07-21T00:32:22","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.04-r2 x86, #936403"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"4dbaf7ebd2d4f403daffc9f8715432c61915e255","committime":"2024-07-20T23:04:49","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"05b3b6711e04c1e92a4315065f3248b197b20f78","committime":"2024-07-20T22:45:48","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.04-r2 amd64, #936403"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"21ec7711a83c9b5b53c3ae62f0b105fab8ad77a1","committime":"2024-07-20T21:18:53","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"* Add qt6 support per bug 925519, use updated font-paths patch from\nAndrii Batyiev.\n\n* Update simplified Chinese and Korean language support packages.\n\n* Fix the following CVEs:\n - CVE-2018-7453 PDF object loop in AcroForm::scanField\n - CVE-2018-16369 PDF object loop in AcroForm::scanField\n - CVE-2019-9587 PDF object loop in Catalog::countPageTree\n - CVE-2019-9588 PDF object loop in Catalog::countPageTree\n - CVE-2019-16088 PDF object loop in Catalog::countPageTree\n - CVE-2022-30524 logic bug in text extractor led to invalid memory access\n - CVE-2022-30775 integer overflow in rasterizer\n - CVE-2022-33108 PDF object loop in Catalog::countPageTree\n - CVE-2022-36561 PDF object loop in AcroForm::scanField\n - CVE-2022-38222 logic bug in JBIG2 decoder\n - CVE-2022-38334 PDF object loop in Catalog::countPageTree\n - CVE-2022-38928 missing bounds check in CFF font converter caused null\n pointer dereference\n - CVE-2022-41842 PDF object loop in Catalog::countPageTree\n - CVE-2022-41843 missing bounds check in CFF font parser caused invalid\n memory access\n - CVE-2022-41844 PDF object loop in AcroForm::scanField\n - CVE-2022-43071 PDF object loop in Catalog::readPageLabelTree2\n - CVE-2022-43295 PDF object loop in Catalog::countPageTree\n - CVE-2022-45586 PDF object loop in Catalog::countPageTree\n - CVE-2022-45587 PDF object loop in Catalog::countPageTree\n - CVE-2023-2662 Divide-by-zero in Xpdf 4.04 due to bad color space object\n - CVE-2023-2663 PDF object loop in Catalog::readPageLabelTree2\n - CVE-2023-2664 PDF object loop in Catalog::readEmbeddedFileTree\n - CVE-2023-3044 Divide-by-zero in Xpdf 4.04 due to very large page size\n - CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references\n\nCloses: https:\/\/bugs.gentoo.org\/925519\nBug: https:\/\/bugs.gentoo.org\/845027\nBug: https:\/\/bugs.gentoo.org\/856475\nBug: https:\/\/bugs.gentoo.org\/881351\nBug: https:\/\/bugs.gentoo.org\/908037\nSigned-off-by: Andrew Savchenko ","commitid":"47a254308b64f4462a3cdcc7ce49655b41b7bdb5","committime":"2024-07-20T21:04:06","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: add 4.05"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"d34288c2f6090a0c11e7bc60128f4b7e95eb5f99","committime":"2024-07-20T17:04:20","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"CMAKE_DISABLE_FIND_PACKAGE_Qt4 is never used if either qt6 or qt5 are\nfound, so it can be safely removed to fix QA warning.\n\nCloses: https:\/\/bugs.gentoo.org\/917451\nSigned-off-by: Andrew Savchenko ","commitid":"aff4faa0924988e635cef587083d3cf848808576","committime":"2024-07-20T16:55:08","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove unused cmake variable"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"CMAKE_DISABLE_FIND_PACKAGE_Qt4 is never used if either qt6 or qt5 are\nfound, so it can be safely removed to fix QA warning.\n\nBug: https:\/\/bugs.gentoo.org\/917451\nSigned-off-by: Andrew Savchenko ","commitid":"397d93d9ecb352d2e6778222a4a34cc0156b7e99","committime":"2024-07-20T16:53:20","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove unused cmake variable"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"6f54e849188149780cc7533ddbafcdf7725411af","committime":"2024-01-05T14:47:50","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Closes: https:\/\/bugs.gentoo.org\/916446\nSigned-off-by: Sam James ","commitid":"501e2c8dc84171930394db872cb3cf145997d57b","committime":"2024-01-05T14:37:30","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix urw font paths"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"59bff68fd700e68744596e3ee32c6ba5c0ebe3ef","committime":"2023-11-16T15:17:41","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"negril.nx+gentoo@gmail.com","authorname":"Paul Zander","body":"Closes: https:\/\/bugs.gentoo.org\/910166\n\nSigned-off-by: Paul Zander \nCloses: https:\/\/github.com\/gentoo\/gentoo\/pull\/33618\nSigned-off-by: Florian Schmaus ","commitid":"e00f435d7b1c02f16d6f5e1e897801e2c29e77aa","committime":"2023-11-01T12:44:05","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix build with installed Qt6"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"407072b35bf389685ef40fc732f846aaafe930a7","committime":"2023-10-31T20:08:09","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"floppym@gentoo.org","authorname":"Mike Gilbert","body":"Signed-off-by: Mike Gilbert ","commitid":"78213a89b4a602460bf81ba5fab8eed561091ade","committime":"2023-10-31T18:12:52","packageid":69708,"repoid":1,"summary":"Remove BROOT from VERIFY_SIG_OPENPGP_KEY_PATH"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"d59a33b6b0faa0803335d8a7fd97d670982a66df","committime":"2023-01-09T10:32:04","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Closes: https:\/\/bugs.gentoo.org\/870217\nSigned-off-by: Sam James ","commitid":"7e33adc640a4a1bf32892d9144ec060f9080b2e5","committime":"2023-01-09T10:16:02","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix build w\/ libpaper-2"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"33ba4ed8afbc76a28dfd27f408a18f71ce79ece7","committime":"2022-09-15T13:31:43","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"ABI broke.\n\nSigned-off-by: Sam James ","commitid":"e5a960cadf9fdeda3ea5f56829a2996a04e6005c","committime":"2022-09-15T13:18:29","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: add libpaper slot dep"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"9f084b2da278c9407f48ba5eb3103cbcd3855a84","committime":"2022-07-26T15:46:33","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Upstream provides GPG signature for the source tarball, but not for i18n\ncharset tarballs. So manual verification of the source tarball is\nrequired instead of default verify-all action.\n\nCloses: https:\/\/bugs.gentoo.org\/857258\nSigned-off-by: Andrew Savchenko ","commitid":"4fd6556ce28bba04aafb277a2023677541ba2a10","committime":"2022-07-26T15:26:33","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: check singnature only for the source tarball"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"ece90eadf9fb022461d3d341048fb0be235873b5","committime":"2022-07-26T15:16:35","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Bug: https:\/\/bugs.gentoo.org\/840873\nSigned-off-by: Andrew Savchenko ","commitid":"9acdf0acbed78a5c950374c190da2ccdfa640c5f","committime":"2022-07-26T10:38:55","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: drop 4.03"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"fbc27d903168cb46f4010586f9e1aba9f9ee9fdd","committime":"2022-07-03T11:01:32","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-3.0.30, Repoman-3.0.3\nRepoMan-Options: --include-arches=\"x86\"\nSigned-off-by: Agostino Sarubbo ","commitid":"81b9462059c17a92cff396d52bcd1f5f779a20fd","committime":"2022-07-03T10:51:57","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: x86 stable wrt bug #856010"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-3.0.30, Repoman-3.0.3\nRepoMan-Options: --include-arches=\"amd64\"\nSigned-off-by: Agostino Sarubbo ","commitid":"d2c029c15ce5a784f73e93fa680894645b02a858","committime":"2022-07-03T10:46:23","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: amd64 stable wrt bug #856010"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"f6bf5234c4cf474457ab2389c60c511c7367db07","committime":"2022-05-15T14:03:04","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"This fixes numerous security issues.\n\nBug: https:\/\/bugs.gentoo.org\/840873\nSigned-off-by: Andrew Savchenko ","commitid":"7de5ff2a819eb06c7cb3ae30728a82670f0462f6","committime":"2022-05-15T13:49:16","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Update to 4.04."},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"c315348ea1df34b5e66d0601a969675ca64ffed6","committime":"2021-02-14T15:11:37","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Bug: https:\/\/bugs.gentoo.org\/755938\nPackage-Manager: Portage-3.0.14, Repoman-3.0.2\nSigned-off-by: Andrew Savchenko ","commitid":"8db9d6432f54c3bea1b4d30e9cecd5eea18d1aed","committime":"2021-02-14T13:27:36","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove old"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"49356f4a95cdf3a2436408f5806b9a04e78792dd","committime":"2021-02-09T12:18:00","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"822a8e635768d12b0fb5bff2cc09e21c499fa163","committime":"2021-02-09T09:47:15","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.03 amd64, #755938"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"09be802a9e759592a9cdcb726a9bdedb2cfe2805","committime":"2021-02-08T19:17:30","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"sam@gentoo.org","authorname":"Sam James","body":"Signed-off-by: Sam James ","commitid":"ae841c2d3dd241cc3896b1f12cbae7dfadb7d93f","committime":"2021-02-08T17:26:28","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Stabilize 4.03 x86, #755938"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"dd8a2865b7dfae8813d1e063f263deffc2095ba4","committime":"2021-01-30T10:32:51","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"This is mostly a bugfix release, it fixes plentiful of bugs (see\nCHANGES) including many security issues, including but not limited\nto CVE-2020-{25725,35376}.\n\nBug: https:\/\/bugs.gentoo.org\/755938\nPackage-Manager: Portage-3.0.14, Repoman-3.0.2\nSigned-off-by: Andrew Savchenko ","commitid":"ee2f467df6f1d70f5d7e7741ac264c6d2893d323","committime":"2021-01-30T09:47:21","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: version bump"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Package-Manager: Portage-3.0.14, Repoman-3.0.2\nSigned-off-by: Andrew Savchenko ","commitid":"a11a0db0a8cd5cb501a75b5a5247fa6a9c212bea","committime":"2021-01-30T09:34:25","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: update download links"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"It is either GPLv2 or GPLv3, not mix of both; see README:\n\nXpdf is licensed under the GNU General Public License (GPL), version 2\nor 3. This means that you can distribute derivatives of Xpdf under\nany of the following:\n - GPL v2 only\n - GPL v3 only\n - GPL v2 or v3\n\nPackage-Manager: Portage-3.0.14, Repoman-3.0.2\nSigned-off-by: Andrew Savchenko ","commitid":"a76641e3eaf92f7c8b19af72e44c9fea310338c2","committime":"2021-01-30T09:29:29","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: update license"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"9ef295bf1a25c28f313dd2e3f406e96023048405","committime":"2020-11-09T18:35:18","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"rsvg-convert is faster, more lightweight and less troublesome\ndependency than inkscape, so use it for png generation.\nThis is a better fix of bug 739166.\n\nBug: https:\/\/bugs.gentoo.org\/739166\nPackage-Manager: Portage-3.0.9, Repoman-3.0.2\nSigned-off-by: Andrew Savchenko ","commitid":"33385b46bea50e05915917ebdb14f6adb97a8797","committime":"2020-11-09T18:02:02","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: switch from inkscape to rsvg-convert"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"d969c9d64c690b3b580b6a9e06918a4739f3a800","committime":"2020-09-19T16:05:18","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Package-Manager: Portage-3.0.6, Repoman-3.0.1\nSigned-off-by: Andrew Savchenko ","commitid":"c630935617aa5c55593b0d0497d83610bb5320d9","committime":"2020-09-19T15:36:47","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: migrate from cmake-utils to cmake eclass"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"2c17b4a9cecea21a79369695d6221a246c9627f8","committime":"2020-09-19T10:35:17","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Closes: https:\/\/bugs.gentoo.org\/739166\nPackage-Manager: Portage-3.0.6, Repoman-3.0.1\nSigned-off-by: Andrew Savchenko ","commitid":"3f535c7636d53f04ddf69e514f9a2b9e9009ed61","committime":"2020-09-19T10:18:32","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: workaround inkscape sandbox violations"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"0d580b13fc31320dfcca4dc52393c7174aaad4fd","committime":"2020-04-30T20:39:36","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Package-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"f2e97d26d315297c9014abc9e6c1fd3d5aa4f44a","committime":"2020-04-30T20:17:39","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: drop old"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"6542ba49724508fe58e362e35b144ca959523d5d","committime":"2020-04-30T16:06:49","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-2.3.89, Repoman-2.3.20\nRepoMan-Options: --include-arches=\"x86\"\nSigned-off-by: Agostino Sarubbo ","commitid":"5d9f37d2ce2b1d03a5e53c832c09c63b484d9a03","committime":"2020-04-30T16:00:02","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: x86 stable wrt bug #720104"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-2.3.89, Repoman-2.3.20\nRepoMan-Options: --include-arches=\"amd64\"\nSigned-off-by: Agostino Sarubbo ","commitid":"8af518fcfb687a098f314bbe2524178211bd0b12","committime":"2020-04-30T15:56:18","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: amd64 stable wrt bug #720104"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"d903b529aa8a2c1782ed10d78c73eab422bf0c46","committime":"2020-04-30T10:11:11","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"a499912005e9066d2b2553ca8837bdd2b052ea7a","committime":"2020-04-30T09:07:19","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Package-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"8f337938612c83328af9ea7d980ccd84cbf8c0ed","committime":"2020-04-30T08:57:02","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: drop old"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Closes: https:\/\/bugs.gentoo.org\/720022\nPackage-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"12add41ec6c64c8f4224154d3a69af61432e1924","committime":"2020-04-30T08:32:38","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix dep on dev-qt\/qtprintsupport"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"95d2c62ab954007a4a04442e0e0c5ecfcaf83ae8","committime":"2020-04-05T09:06:21","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"- Add missing qtsvg runtime dependency.\n- Add fontconfig optional dependency and USE flag.\n- Since 1.0 devel versions inkscape changed CLI options for file\n export. Take this into account to allow icons generations using\n both old and new versions of inkscape.\n\nPackage-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"dfb7b992c74936cfa0d09628c7b02c5dd2dcbd3b","committime":"2020-04-05T08:43:57","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix deps and build issues"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"679b227d184c2a393ac07ab0c543add6e2852130","committime":"2020-03-02T23:10:12","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Bug: https:\/\/bugs.gentoo.org\/711146\nPackage-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"aa9c839a6550de397a577a9c6eca092badafe3f5","committime":"2020-03-02T22:31:36","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove old and vulnerable versions"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"9041c79c701f3fdde17de9c65c0a93c24a632b36","committime":"2020-03-02T13:06:27","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-2.3.89, Repoman-2.3.20\nRepoMan-Options: --include-arches=\"x86\"\nSigned-off-by: Agostino Sarubbo ","commitid":"8916f29b60a078edc4627bf80cd202b2c7bd2d4f","committime":"2020-03-02T12:31:53","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: x86 stable wrt bug #711146"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"21c5c2aa03ee59f59d82ddda7f73445d1be10a45","committime":"2020-03-02T09:36:28","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-2.3.89, Repoman-2.3.20\nRepoMan-Options: --include-arches=\"amd64\"\nSigned-off-by: Agostino Sarubbo ","commitid":"9a3e00353155e8a7c994fa73c035f11413630c6e","committime":"2020-03-02T09:24:29","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: amd64 stable wrt bug #711146"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"f029d595818f0b0ea168def7faa5b4e67671db87","committime":"2020-03-01T20:36:26","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Fix NULL pointer dereference by initializing field before use.\nhttps:\/\/forum.xpdfreader.com\/viewtopic.php?f=3&t=41890#p42672\n\nBug: https:\/\/bugs.gentoo.org\/711146\nPackage-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"6ab1a068d867bd08ed5377a7b5a8d9e3ec046b18","committime":"2020-03-01T20:03:46","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: fix CVE-2019-17064"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"4976786f96b76f0a39ead40bd95a17e227a20af2","committime":"2020-01-18T19:25:51","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Also add USE=icons to generate PNG icon files since not all DE\/WMs\ncan work with SVG.\n\nCloses: https:\/\/bugs.gentoo.org\/705344\nPackage-Manager: Portage-2.3.82, Repoman-2.3.20\nSigned-off-by: Andrew Savchenko ","commitid":"c0532994d83390f3ef3964cea43edab9be194057","committime":"2020-01-18T18:23:23","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: Add desktop files and icons"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"688af61fe7c8b8a15c413ec973d611a06d57577d","committime":"2019-10-28T08:05:40","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"ago@gentoo.org","authorname":"Agostino Sarubbo","body":"Package-Manager: Portage-2.3.76, Repoman-2.3.16\nRepoMan-Options: --include-arches=\"amd64\"\nSigned-off-by: Agostino Sarubbo ","commitid":"4e00352b3e88c748eaba8e4b72e9eae9be6ab209","committime":"2019-10-28T07:41:27","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: amd64 stable wrt bug #698640"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"a1188c6986c1532f24dbd21ad546bb023d1044ea","committime":"2019-10-27T23:45:38","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"whissi@gentoo.org","authorname":"Thomas Deutschmann","body":"Package-Manager: Portage-2.3.78, Repoman-2.3.17\nSigned-off-by: Thomas Deutschmann ","commitid":"e9bd9753bc11b9589b812a8e972c7326a239c491","committime":"2019-10-27T23:20:00","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: x86 stable (bug #698640)"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"cf6fabfdb276e694aac221b9a497f1a413e83949","committime":"2019-10-27T09:45:28","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Package-Manager: Portage-2.3.77, Repoman-2.3.17\nSigned-off-by: Andrew Savchenko ","commitid":"4200b42667589b1f425801d9128935b2a9b98134","committime":"2019-10-27T09:28:12","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove old and vulnerable version"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"12958fa6af2194ac2791b5ce2e95a2342a602eee","committime":"2019-10-23T14:45:29","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Bump to xpdf-4.02. This fixes many bugs including CVEs.\n\nPackage-Manager: Portage-2.3.77, Repoman-2.3.17\nSigned-off-by: Andrew Savchenko ","commitid":"ac2df5b64a359f2c40900b207e981f07a0a4f267","committime":"2019-10-23T14:34:07","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: version bump"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"4a4e20abd0d0ecfe3b964facba77a6d75a786977","committime":"2019-03-21T11:44:20","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Bug: https:\/\/bugs.gentoo.org\/681112\nBug: https:\/\/bugs.gentoo.org\/681140\nPackage-Manager: Portage-2.3.62, Repoman-2.3.12\nSigned-off-by: Andrew Savchenko ","commitid":"0a41a80fe3a6ef79385c29bb540684f9aa00d42f","committime":"2019-03-21T10:59:47","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: remove old and vulnerable version"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"xpdf-4.01.01 fixes several vulnerabilities and problems reported by\nLoginsoft, including CVE-2019-9589.\n\nCVE-2019-9588 and CVE-2019-9587 are probably fixed as well, but it\nis not clear from ChangeLog:\n\nThe PDFDoc(BaseStream) initializer wasn't working correctly.\nFixed a missing array bounds check in PSOutputDev. [Thanks to\n Loginsoft for the bug report.]\n ^-- CVE-2019-9589\nIf the \"U\" string used for RC4 decryption is short, Adobe apparently\n zero-pads it, so Xpdf now does the same.\n ^-- Maybe CVE-2019-9588\nPdffonts now checks more carefully for loops between objects.\n ^-- Looks like CVE-2019-9587\nFixed a problem parsing large real numbers. [Thanks to Loginsoft for\n the bug report.]\n\nBug: https:\/\/bugs.gentoo.org\/681112\nBug: https:\/\/bugs.gentoo.org\/681140\nPackage-Manager: Portage-2.3.62, Repoman-2.3.12\nSigned-off-by: Andrew Savchenko ","commitid":"6b695c59184713a18e2a7809f40088eff130afb6","committime":"2019-03-21T10:55:44","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: security version bump"},{"authoremail":"repomirrorci@gentoo.org","authorname":"Repository mirror & CI","commitid":"cac7e7e2f2e78c24171ddf8cf8a01740d8dc1c7c","committime":"2019-03-12T07:03:59","packageid":69708,"repoid":1,"summary":"Merge updates from master"},{"authoremail":"bircoph@gentoo.org","authorname":"Andrew Savchenko","body":"Xpdf is back on track again with modern interface and active\ndevelopment :)\n\nPackage-Manager: Portage-2.3.62, Repoman-2.3.12\nSigned-off-by: Andrew Savchenko ","commitid":"bb4f79138a75abb85109b342c215b93c448ee153","committime":"2019-03-12T06:47:32","packageid":69708,"repoid":1,"summary":"app-text\/xpdf: re-add to the tree"}],"dependencies":[{"block":false,"categoryid":438,"description":"High-quality and portable font engine","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"yngwin@gentoo.org","maintainername":"Ben de Groot","name":"freetype","packageid":46440},{"block":false,"categoryid":438,"description":"Portable Network Graphics library","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"base-system@gentoo.org","maintainername":"Gentoo Base System","name":"libpng","packageid":49028},{"block":false,"categoryid":369,"description":"The Common Unix Printing System","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"printing@gentoo.org","maintainername":"Gentoo Printing Project","name":"cups","packageid":50399},{"block":false,"categoryid":438,"description":"A library for configuring and customizing font access","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"yngwin@gentoo.org","maintainername":"Ben de Groot","name":"fontconfig","packageid":51367,"summary":"Fontconfig is a font configuration and customization library, which does not depend on the X Window System. It is designed to locate fonts within the system and select them according to requirements specified by applications."},{"block":false,"categoryid":391,"description":"Library for handling paper characteristics","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"printing@gentoo.org","maintainername":"Gentoo Printing Project","name":"libpaper","packageid":52304},{"block":false,"categoryid":381,"description":"Standard (de)compression library","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"base-system@gentoo.org","maintainername":"Gentoo Base System","name":"zlib","packageid":55408},{"block":false,"categoryid":472,"description":"Cross-platform application development framework","ebuildids":[861057,861057],"firstseen":"2022-08-02T23:07:22.729124","name":"qtbase","packageid":75249}],"depending":[],"ebuilds":[{"archs":["amd64","x86"],"ebuildid":861057,"firstseen":"2025-04-21T09:46:22.499964","license":"|| ( GPL-2 GPL-3 ) i18n? ( BSD )","moddate":"2025-04-23T15:45:07","packageid":69708,"repoid":1,"slot":"0","uses":["cmyk","cups","fontconfig","i18n","icons","libpaper","metric","opi","png","textselect","utils","verify-sig"],"version":"4.05-r1"}],"masks":[],"package":{"categoryid":391,"description":"PDF viewer and toolkit","firstseen":"2019-03-12T07:17:02.239983","name":"xpdf","packageid":69708},"rdependencies":[{"block":false,"categoryid":415,"description":"(URW)++ base 35 font set","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"fonts@gentoo.org","maintainername":"Fonts","name":"urw-fonts","packageid":42214},{"block":false,"categoryid":438,"description":"High-quality and portable font engine","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"yngwin@gentoo.org","maintainername":"Ben de Groot","name":"freetype","packageid":46440},{"block":false,"categoryid":438,"description":"Portable Network Graphics library","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"base-system@gentoo.org","maintainername":"Gentoo Base System","name":"libpng","packageid":49028},{"block":false,"categoryid":369,"description":"The Common Unix Printing System","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"printing@gentoo.org","maintainername":"Gentoo Printing Project","name":"cups","packageid":50399},{"block":false,"categoryid":438,"description":"A library for configuring and customizing font access","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"yngwin@gentoo.org","maintainername":"Ben de Groot","name":"fontconfig","packageid":51367,"summary":"Fontconfig is a font configuration and customization library, which does not depend on the X Window System. It is designed to locate fonts within the system and select them according to requirements specified by applications."},{"block":false,"categoryid":391,"description":"Library for handling paper characteristics","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"printing@gentoo.org","maintainername":"Gentoo Printing Project","name":"libpaper","packageid":52304},{"block":false,"categoryid":381,"description":"Standard (de)compression library","ebuildids":[861057],"firstseen":"2010-05-04T00:54:45.661860","maintainer":"base-system@gentoo.org","maintainername":"Gentoo Base System","name":"zlib","packageid":55408},{"block":false,"categoryid":472,"description":"SVG rendering library for the Qt6 framework","ebuildids":[861057],"firstseen":"2013-03-03T14:38:59.202869","maintainer":"qt@gentoo.org","maintainername":"Gentoo Qt Project","name":"qtsvg","packageid":60446},{"block":false,"categoryid":472,"description":"Cross-platform application development framework","ebuildids":[861057,861057],"firstseen":"2022-08-02T23:07:22.729124","name":"qtbase","packageid":75249}],"repos":[{"branch":"master","lastcommit":"3497cf409a8f7ce5ab6fafa1786699f7100ea3cf","name":"gentoo","path":"\/usr\/portage","repoid":1,"upstream":"origin"}],"tracked":false,"urls":["https:\/\/www.xpdfreader.com"],"uses":[{"description":"Include support for CMYK rasterization","isdefault":false,"packageid":69708,"use":"cmyk"},{"description":"Add support for CUPS (Common Unix Printing System)","isdefault":false,"use":"cups"},{"defaultflag":true,"description":"Support for configuring and customizing font access via media-libs\/fontconfig","isdefault":true,"use":"fontconfig"},{"description":"Enable support non-UTF8 national charsets","isdefault":false,"packageid":69708,"use":"i18n"},{"description":"Generate desktop PNG icons using rsvg-convert from gnome-base\/librsvg","isdefault":false,"packageid":69708,"use":"icons"},{"defaultflag":true,"description":"Use app-text\/libpaper to get paper preferences","isdefault":true,"packageid":69708,"use":"libpaper"},{"description":"Use A4 instead of US Letter paper size by default for PostScript output. This option has effect only if libpaper USE flag is disabled","isdefault":false,"packageid":69708,"use":"metric"},{"description":"Include support for OPI (Open Prepress Interface) comments","isdefault":false,"packageid":69708,"use":"opi"},{"description":"Add support for libpng (PNG images)","isdefault":false,"use":"png"},{"defaultflag":true,"description":"Allow text selection","isdefault":true,"packageid":69708,"use":"textselect"},{"description":"Install command-line PDF converters and various utilities","isdefault":false,"packageid":69708,"use":"utils"},{"description":"Verify upstream signatures on distfiles","isdefault":false,"use":"verify-sig"}]}