[prev in list] [next in list] [prev in thread] [next in thread]
List: freedesktop-poppler
Subject: Re: Poppler 24.04.0 released
From: William Bader <williambader () hotmail ! com>
Date: 2024-04-01 18:59:13
Message-ID: PAXPR09MB5071378FB3A1B8A55FAA3BE8C43F2 () PAXPR09MB5071 ! eurprd09 ! prod ! outlook ! com
[Download RAW message or body]
Until the full extent of the recent xz compromise is known, would it be possible to distribute in an \
additional format like bz2? The compromise was introduced in xz 5.6.0, which is only in bleeding edge \
distributions, but the developer controlled releases starting at 5.3.1.
"backdoor in upstream xz/liblzma leading to ssh server compromise" \
https://www.openwall.com/lists/oss-security/2024/03/29/4
"Linux xz Backdoor Damage Could Be Greater Than Feared" \
https://thenewstack.io/linux-xz-backdoor-damage-could-be-greater-than-feared/
________________________________
From: poppler <poppler-bounces@lists.freedesktop.org> on behalf of Albert Astals Cid <aacid@kde.org>
Sent: Monday, April 1, 2024 4:08 AM
To: poppler@lists.freedesktop.org <poppler@lists.freedesktop.org>
Cc: ftp-release@lists.freedesktop.org <ftp-release@lists.freedesktop.org>
Subject: Poppler 24.04.0 released
Available from http://poppler.freedesktop.org/poppler-24.04.0.tar.xz
The tarball is signed at http://poppler.freedesktop.org/poppler-24.04.0.tar.xz.sig with my key
https://pgp.surfnet.nl/pks/lookup?op=get&search=0xCA262C6C83DE4D2FB28A332A3A6A4DB839EAA6D7
Release 24.04.0:
core:
* Optimize page text extraction speed
* Fix clipping path handling in some files. Issue #739
* Fix regression in text selection
* Fix text search across lines between paragraphs
qt6:
* Fix crash in SoundObject::data
utils:
* pdfsig: Add Catalan translation
build system:
* Build code as C++20
This release was brought to you by Albert Astals Cid, Josep M. Ferrer, Nelson Benítez León, Stefan Brüns \
and everyone else that filed bugs or helped with code reviews :)
Testing, patches and bug reports welcome.
Cheers,
Albert
[Attachment #3 (text/html)]
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: \
rgb(0, 0, 0);"> Until the full extent of the recent xz compromise is known, would it be possible to \
distribute in an additional format like bz2?<br> The compromise was introduced in xz 5.6.0, which is only \
in bleeding edge distributions, but the developer controlled releases starting at 5.3.1.<br> <br>
"backdoor in upstream xz/liblzma leading to ssh server compromise" \
https://www.openwall.com/lists/oss-security/2024/03/29/4</div> <div class="elementToProof" \
style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"> <br>
</div>
<div class="elementToProof" style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: \
rgb(0, 0, 0);"> "Linux xz Backdoor Damage Could Be Greater Than Feared" \
https://thenewstack.io/linux-xz-backdoor-damage-could-be-greater-than-feared/</div> <div \
class="elementToProof" style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, \
0, 0);"> <br>
<br>
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<hr style="display: inline-block; width: 98%;">
<div style="direction: ltr; font-family: Calibri, sans-serif; font-size: 11pt; color: rgb(0, 0, 0);">
<b>From:</b> poppler <poppler-bounces@lists.freedesktop.org> on behalf of Albert Astals Cid \
<aacid@kde.org><br> <b>Sent:</b> Monday, April 1, 2024 4:08 AM<br>
<b>To:</b> poppler@lists.freedesktop.org <poppler@lists.freedesktop.org><br>
<b>Cc:</b> ftp-release@lists.freedesktop.org <ftp-release@lists.freedesktop.org><br>
<b>Subject:</b> Poppler 24.04.0 released</div>
<div class="elementToProof" style="direction: ltr;"> </div>
<div style="font-size: 11pt;">Available from <a \
href="http://poppler.freedesktop.org/poppler-24.04.0.tar.xz" id="OWA1fa18d94-6671-181e-8111-693058678cc8" \
class="OWAAutoLink" data-auth="NotApplicable"> \
http://poppler.freedesktop.org/poppler-24.04.0.tar.xz</a><br> <br>
The tarball is signed at <a href="http://poppler.freedesktop.org/poppler-24.04.0.tar.xz.sig" \
id="OWA4a2d8147-4ece-5b3c-f31c-4529ed751c2e" class="OWAAutoLink" data-auth="NotApplicable"> \
http://poppler.freedesktop.org/poppler-24.04.0.tar.xz.sig</a> with my key<br> <a \
href="https://pgp.surfnet.nl/pks/lookup?op=get&search=0xCA262C6C83DE4D2FB28A332A3A6A4DB839EAA6D7" \
id="OWA166e09f4-2f2b-7076-d7f1-54408acea802" class="OWAAutoLink" \
data-auth="NotApplicable">https://pgp.surfnet.nl/pks/lookup?op=get&search=0xCA262C6C83DE4D2FB28A332A3A6A4DB839EAA6D7</a><br>
<br>
Release 24.04.0:<br>
core:<br>
* Optimize page text extraction speed<br>
* Fix clipping path handling in some files. Issue #739<br>
* Fix regression in text selection<br>
* Fix text search across lines between paragraphs<br>
<br>
qt6:<br>
* Fix crash in SoundObject::data<br>
<br>
utils:<br>
* pdfsig: Add Catalan translation<br>
<br>
build system:<br>
* Build code as C++20<br>
<br>
This release was brought to you by Albert Astals Cid, Josep M. Ferrer, Nelson Benítez León, Stefan Brüns \
and everyone else that filed bugs or helped with code reviews :)<br> <br>
Testing, patches and bug reports welcome.<br>
<br>
Cheers,<br>
Albert<br>
<br>
<br>
<br>
<br>
<br>
</div>
</body>
</html>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic