Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[r19.09] poppler_0_61: add patch for CVE-2019-9959 #71093

Closed
wants to merge 2 commits into from
Closed

[r19.09] poppler_0_61: add patch for CVE-2019-9959 #71093

wants to merge 2 commits into from
+23 −2

Conversation

risicle
Copy link
Contributor

@risicle risicle commented Oct 13, 2019

Motivation for this change

Backport of #71042

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
Notify maintainers

cc @

Sorry, something went wrong.

@risicle
poppler_0_61: add patch for CVE-2019-9959
ddf4f9d 
custom adapted patch to accommodate the openjpeg1/openjpeg2 split that
0.61 still has

(cherry picked from commit e6889d4)
@risicle
poppler_0_61: 0.61.0 -> 0.61.1

Verified

This commit was signed with the committer’s verified signature.
veprbl Dmitry Kalinkin
GPG key ID: 5157B3EC8B2CA333
Verified
Learn about vigilant mode
4ccb65c 
(cherry picked from commit b9593f1)
@ofborg ofborg bot requested a review from ttuegel October 13, 2019 21:06
@veprbl veprbl added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Oct 14, 2019
@ttuegel
Copy link
Member

ttuegel commented Oct 14, 2019

Cherry-picked in 8b64f71.

@ttuegel ttuegel closed this Oct 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ttuegel ttuegel

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 11-100 10.rebuild-linux: 11-100
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@risicle @ttuegel @veprbl