From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49107)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dQgR1-00013r-Vo
	for guix-patches@gnu.org; Thu, 29 Jun 2017 16:53:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dQgQx-0002en-2Z
	for guix-patches@gnu.org; Thu, 29 Jun 2017 16:53:08 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:42414)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1dQgQw-0002eg-V0
	for guix-patches@gnu.org; Thu, 29 Jun 2017 16:53:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1dQgQw-0008U8-O7
	for guix-patches@gnu.org; Thu, 29 Jun 2017 16:53:02 -0400
Subject: bug#27524: [PATCH] gnu: poppler: Fix CVE-2017-{9775,9776}.
Resent-To: guix-patches@gnu.org
Resent-Message-ID: <handler.27524.D27524.149876955732579.done@debbugs.gnu.org>
Date: Thu, 29 Jun 2017 16:51:49 -0400
From: Leo Famulari <leo@famulari.name>
Message-ID: <20170629205149.GA19238@jasmine.lan>
References: <3a94d64e80c9ddc69ce334ad823a7dbd7ec7fd8f.1498720891.git.leo@famulari.name>
	<87k23ulqls.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="ZPt4rx8FFjLCG7dd"
Content-Disposition: inline
In-Reply-To: <87k23ulqls.fsf@gnu.org>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Cc: 27524-done@debbugs.gnu.org


--ZPt4rx8FFjLCG7dd
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jun 29, 2017 at 06:13:03PM +0200, Ludovic Court=E8s wrote:
> Leo Famulari <leo@famulari.name> skribis:
>=20
> > * gnu/packages/pdf.scm (poppler)[replacement]: New field.
> > (poppler-0.56.0): New variable.
> > (poppler-qt4, poppler-qt5): Use 'package/inherit'.
>=20
> LGTM!  I assume 0.52.0 and 0.56.0 are ABI-compatible.

Yes, they are ABI-compatible as far as I can tell. I tried
cherry-picking the upstream patches but they don't apply cleanly to
poppler 0.52.0, which I why I decided to use the updated poppler as the
replacement.

Thanks for the review!

Pushed as 95bbaa02aa63bc5eae36f686f1ed9915663aa4cf.

--ZPt4rx8FFjLCG7dd
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAllVaGUACgkQJkb6MLrK
fwhPmg/+Iv3h465DFI92rqLrtzVheVp27CpOUTpJo83kgAwxdDcOTptjskuSKmcI
ZeXDmfViRptqS/75unGw/64Js2sGfUhLCt5MZ7ZTPX91pCsrBu8Juzv5znIZMVBF
ADCKO3mxFP8UvVE/baVoI5RhRvtOnIqvC4ZMLJjFnYBAoQZwWEPkAP/3Z8WjUiDu
3TTOsSYwHLtLGNcd/4PnL9yaxisltwIRaU4OYq8cmGD5gGjgLnXoARqno4U4lALd
JmGbs+DRcnvyByJpjYmz/oXkFJpg7O+EPwKgM9+4JakoXuKtFdcc288JpUcDdsab
r1KRW61q1rw3RRHnVYFkET2L+30nqbcVyd4RyZQIOLnI78lMRR8tlicTYR7FmSCd
JfnS9ac5FWPMc5BHQyYCCJ80UszDZVVxmCjDUwHYOv6mKuNOLAZabjFETmvPjgx4
uWGJHanv/WGxf8IreXeW2NwgU+XnKEohtU+t+KC4gH6h6ZEhHaYAPJHFoGF6zB/5
7kz8VcYyvOvPK0caVRzN/t+fe4B+D9QEccwZS+LuA66SjTWM6vXRVeLscB6p+sdG
+YvxUrRI5YGhPd32xOAYD/d7SqgD6xK2jXQEZXbzEXcncC4HdlmvU+VgXa7xsVaW
d/DuQ4BKY4zvoTcV73JlyTDsx/K2eQD0WfxScxp99f/iTj5hZAc=
=P/o2
-----END PGP SIGNATURE-----

--ZPt4rx8FFjLCG7dd--