- Update from 10.3.2 to 10.4.0 - Update of rootfile - Changelog 10.4.0: release * Add --allow-weak-crypto option to suppress warnings about use of weak cryptographic algorithms. Update documentation around this issue. Fixes #358. * Relax xref recovery logic a bit so that files whose objects are either missing endobj or have endobj at other than the beginning of a line can still be recovered. Fixes #573. * Add support for OpenSSL 3. Fixes #568. The OpenSSL version is detected at compile-time. If you want to build with OpenSSL 3 on a system that has OpenSSL 1 installed, you can run configure like this (or similar to this depending on how you installed openssl3): pc_openssl_CFLAGS=-I/path/to/openssl3/include \ pc_openssl_LIBS='-L/path/to/openssl3/lib64 -lssl -lcrypto' \ ./configure where /path/to/openssl3 is wherever your OpenSSL 3 distribution is installed. You may also need to set the LD_LIBRARY_PATH environment variable if it's not installed in a standard location. * Add range check in QPDFNumberTreeObjectHelper (fuzz issue 37740). * Add QIntC::range_check_subtract to do range checking on subtraction, which has different boundary conditions from addition. * Bug fix: fix crash that could occur under certain conditions when using --pages with files that had form fields. Fixes #548. * Add an extra check to the library to detect when foreign objects are inserted directly (instead of using <function>QPDF::copyForeignObject</function>) at the time of insertion rather than when the file is written. Catching the error sooner makes it much easier to locate the incorrect code. * Bug fix: make overlay/underlay work on a page with no resource dictionary. Fixes #527. * Add QPDF::findPage to the public API. This is primarily to help improve the efficiency of code that wraps the qpdf library, such as pikepdf. Fixes #516. * zlib-flate: warn and exit with code 3 when there is corrupted input data even when decompression is possible. We do this in the zlib-flate CLI so that it can be more reliably used to test the validity of zlib streams, but we don't warn by default in qpdf itself because PDF files in the wild exist with this problem and other readers appear to tolerate it. There is a PDF in the qpdf test suite (form-filled-by-acrobat.pdf) that was written by a version of Adobe Acrobat that exhibits this problem. Fixes #562. * Add Pl_Flate::setWarnCallback to make it possible to be notified of data errors that are recoverable but still indicate invalid data. * Improve error reporting when someone forgets the -- after --pages. Fixes #555. * Bug fix: ensure we don't overflow any string bounds while handling completion, even when we are given bogus input values. Fixes #441. * Improve performance of preservation of object streams by avoiding unnecessary traversal of objects when there are no object streams.

Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/qpdf | 2 +- lfs/qpdf | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/qpdf b/config/rootfiles/common/qpdf index dddf593bd..6e59ba345 100644 --- a/config/rootfiles/common/qpdf +++ b/config/rootfiles/common/qpdf @@ -58,7 +58,7 @@ usr/bin/qpdf #usr/lib/libqpdf.la #usr/lib/libqpdf.so usr/lib/libqpdf.so.28 -usr/lib/libqpdf.so.28.3.2 +usr/lib/libqpdf.so.28.4.0 #usr/lib/pkgconfig/libqpdf.pc #usr/share/doc/qpdf #usr/share/doc/qpdf/qpdf-manual.html diff --git a/lfs/qpdf b/lfs/qpdf index 2f23a5141..3bb22ef9d 100644 --- a/lfs/qpdf +++ b/lfs/qpdf @@ -24,7 +24,7 @@

include Config

-VER = 10.3.2 +VER = 10.4.0

THISAPP = qpdf-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)

$(DL_FILE) = $(DL_FROM)/$(DL_FILE)

-$(DL_FILE)_MD5 = 29aaaf03e0f83b3527d1470f8391c876 +$(DL_FILE)_MD5 = 1b80cfab128038a4d0ca05adb5261c88

install : $(TARGET)