From 78b9d6bfd4cbd3e947b1c5ffe73eb97b040e312a Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Sat, 21 Nov 2020 13:49:22 -0500 Subject: [PATCH] Prepare 10.0.4 release --- ChangeLog | 2 ++ autofiles.sums | 2 +- configure | 20 ++++++++++---------- configure.ac | 4 ++-- libqpdf/QPDF.cc | 2 +- manual/qpdf-manual.xml | 25 +++++++++++++++++++++++-- qpdf/qpdf.cc | 2 +- 7 files changed, 40 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index b7571235..696e43a6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2020-11-21 Jay Berkenbilt + * 10.0.4: release + * Fix QIntC::range_check to handle negative numbers properly (fuzz issue 26994). diff --git a/autofiles.sums b/autofiles.sums index 72a21715..624d11bf 100644 --- a/autofiles.sums +++ b/autofiles.sums @@ -1,4 +1,4 @@ -63cdc8e2eef7a99e8f52b49e95e1eeff80c95ce9d4aab3a45e27ce169be09d45 configure.ac +8c57a508cec0f5243dcc0df7b194f7daf85d3f7d7b747747be20ec0d84f3ddaa configure.ac d3f9ee6f6f0846888d9a10fd3dad2e4b1258be84205426cf04d7cef02d61dad7 aclocal.m4 cf2c764639c4c94abc183a0976eca6ae500b80790ea25e3d0af97b23587363b7 libqpdf/qpdf/qpdf-config.h.in 5297971a0ef90bcd5563eb3f7127a032bb76d3ae2af7258bf13479caf8983a60 m4/ax_cxx_compile_stdcxx.m4 diff --git a/configure b/configure index d7db7986..e1859295 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for qpdf 10.0.3. +# Generated by GNU Autoconf 2.69 for qpdf 10.0.4. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='qpdf' PACKAGE_TARNAME='qpdf' -PACKAGE_VERSION='10.0.3' -PACKAGE_STRING='qpdf 10.0.3' +PACKAGE_VERSION='10.0.4' +PACKAGE_STRING='qpdf 10.0.4' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1377,7 +1377,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures qpdf 10.0.3 to adapt to many kinds of systems. +\`configure' configures qpdf 10.0.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1443,7 +1443,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of qpdf 10.0.3:";; + short | recursive ) echo "Configuration of qpdf 10.0.4:";; esac cat <<\_ACEOF @@ -1629,7 +1629,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -qpdf configure 10.0.3 +qpdf configure 10.0.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2298,7 +2298,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by qpdf $as_me 10.0.3, which was +It was created by qpdf $as_me 10.0.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -16210,7 +16210,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # LT = libtool LT_CURRENT=28 LT_AGE=0 -LT_REVISION=3 +LT_REVISION=4 @@ -19114,7 +19114,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by qpdf $as_me 10.0.3, which was +This file was extended by qpdf $as_me 10.0.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19180,7 +19180,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -qpdf config.status 10.0.3 +qpdf config.status 10.0.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index b60f320c..396284c6 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ dnl Process this file with autoconf to produce a configure script. dnl This config.in requires autoconf 2.5 or greater. AC_PREREQ([2.68]) -AC_INIT([qpdf],[10.0.3]) +AC_INIT([qpdf],[10.0.4]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_FILES([autoconf.mk]) @@ -54,7 +54,7 @@ LT_INIT([win32-dll]) # LT = libtool LT_CURRENT=28 LT_AGE=0 -LT_REVISION=3 +LT_REVISION=4 AC_SUBST(LT_CURRENT) AC_SUBST(LT_REVISION) AC_SUBST(LT_AGE) diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc index a233f05e..793ce2fc 100644 --- a/libqpdf/QPDF.cc +++ b/libqpdf/QPDF.cc @@ -25,7 +25,7 @@ #include #include -std::string QPDF::qpdf_version = "10.0.3"; +std::string QPDF::qpdf_version = "10.0.4"; static char const* EMPTY_PDF = "%PDF-1.3\n" diff --git a/manual/qpdf-manual.xml b/manual/qpdf-manual.xml index ff868777..10a165d3 100644 --- a/manual/qpdf-manual.xml +++ b/manual/qpdf-manual.xml @@ -5,8 +5,8 @@ - - + + ]> @@ -4805,6 +4805,27 @@ print "\n"; --> + + 10.0.4: November 21, 2020 + + + + + Bug Fixes + + + + + Fix a handful of integer overflows. This includes cases + found by fuzzing as well as having qpdf not do range + checking on unused values in the xref stream. + + + + + + + 10.0.3: October 31, 2020 diff --git a/qpdf/qpdf.cc b/qpdf/qpdf.cc index a5f18d7e..83670596 100644 --- a/qpdf/qpdf.cc +++ b/qpdf/qpdf.cc @@ -38,7 +38,7 @@ static int constexpr EXIT_CORRECT_PASSWORD = 3; static char const* whoami = 0; -static std::string expected_version = "10.0.3"; +static std::string expected_version = "10.0.4"; struct PageSpec {