2013-10-18 Jay Berkenbilt <ejb@ql.org>
* 5.0.1: release
* Warn when -accessibility=n is specified with a modern encryption
format (R > 3). Also, accept this flag (and ignore with warning)
with 256-bit encryption. qpdf has always ignored the
accessibility setting with R > 3, but it previously did so
silently.
2013-10-05 Jay Berkenbilt <ejb@ql.org>
* Replace operator[] in std::string and std::vector with "at" in
order to get bounds checking. This reduces the chances that
incorrect code will result in data exposure or buffer overruns.
See README.hardening for additional notes.
* Use cryptographically secure random number generation when
available. See additional notes in README.
* Replace some assert() calls with std::logic_error exceptions.
Ideally there shouldn't be assert() calls outside of testing.
This change may make a few more potential code errors in handling
invalid data recoverable.
* Security fix: In places where std::vector<T>(size_t) was used,
either validate that the size parameter is sane or refactor code
to avoid the need to pre-allocate the vector. This reduces the
likelihood of allocating a lot of memory in response to invalid
data in linearization hint streams.
* Security fix: sanitize /W array in cross reference stream to
avoid a potential integer overflow in a multiplication. It is
unlikely that any exploits were possible from this bug as
additional checks were also performed.
* Security fix: avoid buffer overrun that could be caused by bogus
data in linearization hint streams. The incorrect code could only
be triggered when checking linearization data, which must be
invoked explicitly. qpdf does not check linearization data when
reading or writing linearized files, but the qpdf --check command
does check linearization data.
* Security fix: properly handle empty strings in
QPDF_Name::normalizeName. The empty string is not a valid name
and would never be parsed as a name, so there were no known
conditions where this method could be called with an empty string.
* Security fix: perform additional argument sanity checks when
reading bit streams.
* Security fix: in QUtil::toUTF8, change bounds checking to avoid
having a pointer point temporarily outside the bounds of an
array. Some compiler optimizations could have made the original
code unsafe.
2013-07-10 Jay Berkenbilt <ejb@ql.org>
* 5.0.0: release
* 4.2.0 turned out to be binary incompatible on some platforms
even though there were no changes to the public API. Therefore
the 4.2.0 release has been withdrawn, and is being replaced with a
5.0.0 release that acknowledges the ABI change and also removes
some problematic methods from the public API.
* Remove methods from public API that were only intended to be
used by QPDFWriter and really didn't make sense to call from
anywhere else as they required internal knowledge that only
QPDFWriter had:
- QPDF::getLinearizedParts
- QPDF::generateHintStream
- QPDF::getObjectStreamData
- QPDF::getCompressibleObjGens
- QPDF::getCompressibleObjects
2013-07-07 Jay Berkenbilt <ejb@ql.org>
* 4.2.0: release [withdrawn]
* Ignore error case of a stream's decode parameters having invalid
length when there are no stream filters.
* qpdf: add --show-npages command-line option, which causes the
number of pages in the input file to be printed on a line by
itself.
* qpdf: allow omission of range in --pages. If range is omitted
such that an argument that is supposed to be a range is an invalid
range and a valid file name, the range of 1-z is assumed. This
makes it possible to merge a bunch of files with something like
qpdf --empty out.pdf --pages *.pdf --
2013-06-15 Jay Berkenbilt <ejb@ql.org>
* Handle some additional broken files with missing /ID in trailer
for encrypted files and with space rather than newline after xref.
2013-06-14 Jay Berkenbilt <ejb@ql.org>
* Detect and correct /Outlines dictionary being a direct object
when linearizing files. This is not allowed by the spec but has
been seen in the wild. Prior to this change, such a file would
cause an internal error in the linearization code, which assumed
/Outlines was indirect.
* Add /Length key to crypt filter dictionary for encrypted files.
This key is optional, but some version of MacOS reportedly fail to
open encrypted PDF files without this key.
* Bug fix: properly handle object stream generation when the
original file has some compressible objects with generation != 0.
* Add QPDF::getCompressibleObjGens() and deprecate
QPDF::getCompressibleObjects(), which had a flaw in its logic.
* Add new QPDFObjectHandle::getObjGen() method and indiciate in
comments that its use is favored over getObjectID() and
getGeneration() for most cases.
* Add new QPDFObjGen object to represent an object ID/generation
pair.
2013-04-14 Jay Berkenbilt <ejb@ql.org>
* 4.1.0: release
2013-03-25 Jay Berkenbilt <ejb@ql.org>
* manual/qpdf-manual.xml: Document the casting policy that is
followed in qpdf's implementation.
2013-03-11 Jay Berkenbilt <ejb@ql.org>
* When creating Windows binary distributions, make sure to only
copy DLLs of the correct type. The ensures that the 32-bit
distributions contain 32-bit DLLs and the 64-bit distributions
contain 64-bit DLLs.
2013-03-07 Jay Berkenbilt <ejb@ql.org>
* Use ./install-sh (already present) instead of "install -c" to
install executables to fix portability problems against different
UNIX variants.
2013-03-03 Jay Berkenbilt <ejb@ql.org>
* Add protected terminateParsing method to
QPDFObjectHandle::ParserCallbacks that implementor can call to
terminate parsing of a content stream.
2013-02-28 Jay Berkenbilt <ejb@ql.org>
* Favor fopen_s and strerror_s on MSVC to avoid CRT security
warnings. This is useful for people who may want to use qpdf in
an application that is Windows 8 certified.
* New method QUtil::safe_fopen to wrap calls to fopen. This is
less cumbersome than calling QUtil::fopen_wrapper.
* Remove all calls to sprintf
* New method QUtil::int_to_string_base to convert to octal or
hexademical (or decimal) strings without using sprintf
2013-02-26 Jay Berkenbilt <ejb@ql.org>
* Rewrite QUtil::int_to_string and QUtil::double_to_string to
remove internal length limits but to remain backward compatible
with the old versions for valid inputs.
2013-02-23 Jay Berkenbilt <ejb@ql.org>
* Bug fix: properly handle overridden compressed objects. When
caching objects from an object stream, only cache objects that,
based on the xref table, would actually be resolved into this
stream. Prior to this fix, if an object stream A contained an
object B that was overridden by an appended section of the file,
qpdf would cache the old value of B if any non-overridden member
of A was accessed before B. This commit fixes that bug.
2013-01-31 Jay Berkenbilt <ejb@ql.org>
* Do not remove libtool's .la file during the make install step.
Note to packagers: if your distribution wants to you remove the
.la file, you will have to do that yourself now.
2013-01-25 Jay Berkenbilt <ejb@ql.org>
* New method QUtil::hex_encode to encode binary data as a
hexadecimal string
* qpdf --check was exiting with status 0 in some rare cases even
when errors were found. It now always exits with one of the
document error codes (0 for success, 2 for errors, 3 or warnings).
2013-01-24 Jay Berkenbilt <ejb@ql.org>
* Make --enable-werror work for MSVC, and generally handle warning
options better for that compiler. Warning flags for that compiler
were previous hard-coded into the build with /WX enabled
unconditionally.
* Split warning flags into WFLAGS in autoconf.mk to make them
easier to override. Before they were repeated in CFLAGS and
CXXFLAGS and were commingled with other compiler flags.
* qpdf --check now does syntactic checks all pages' content
streams as well as checking overall document structure. Semantic
errors are still not checked, and there are no plans to add
semantic checks.
2013-01-22 Jay Berkenbilt <ejb@ql.org>
* Add QPDFObjectHandle::getTypeCode(). This method returns a
unique integer (enumerated type) value corresponding to the object
type of the QPDFObjectHandle. It can be used as an alternative to
the QPDFObjectHandle::is* methods for type testing, particularly
where there is a desire to use a switch statement or optimize for
performance when testing object types.
* Add QPDFObjectHandle::getTypeName(). This method returns a
string literal describing the object type. It is useful for
testing and debugging.
2013-01-20 Jay Berkenbilt <ejb@ql.org>
* Add QPDFObjectHandle::parseContentStream, which parses the
objects in a content stream and calls handlers in a callback
class. The example pdf-parse-content illustrates it use.
* Add QPDF_Operator and QPDF_InlineImage types along with
appropriate wrapper methods in QPDFObjectHandle. These new object
types are to facilitate content stream parsing.
Poppler is a PDF rendering library based on the xpdf-3.0 code base.
PyPoppler is a wrapper which exposes the poppler API to the python
world. It is fairly complete, most of the API are covered.
The documentation is actually missing, help wanted :)
PyPDF2 is a library for handling PDF files for python. It is an
enhanced version of pyPdf, supporting more PDF files encountered
in the wild with better error handling.
Added Support for the Following New Printers:
- HP Designjet Z5400 44-in PostScript ePrinter
- HP Deskjet Ink Advantage 1018 Printer
- HP Deskjet Ink Advantage 1518 All-in-One Printer
- HP Deskjet Ink Advantage 2540 All-in-One Printer Series
- HP Deskjet Ink Advantage 2545 All-in-One Printer
- HP Deskjet Ink Advantage 2546 All-in-One Printer
- HP DeskJet Ink Advantage 4515 e-All-in-One Printer
- HP DeskJet Ink Advantage 4518 e-All-in-One Printer
- HP Envy 4504 e-All-in-One
- HP LaserJet Pro MFP M435nw
- HP Officejet 4630 e-All-in-One
- HP Officejet 4632 e-All-in-One Printer
- HP Officejet 4635 e-All-in-One Printer
- HP OfficeJet Pro 8600 Premium e-AiO N911n
- HP Photosmart 5521 e-All-in-One Printer
Launchpad fixes:
1209339 - HP OfficeJet G55 is not detecting through USB
1209352 - Collate broken under Fedora 19/CUPS-1.6/hplip-3.13.7 as hpps
sends SET COPIES
Issues fixed:
- Added support for print queue addition using hostname(hp-setup
<HOSTNAME>)
- Fix for plugin installation and test page in 'hp-setup -i'
* Background printing (BGPrint) is a new feature allowing an accumulated page clist to be rendered by one or more rendering threads whilst the interpreter (in the "main" thread) continues to accumulate the subsequent page's clist. For certain classes of file this can result in a useful performance increase.
* GrayDetection allows suitably written devices to detect "color" input in near neutral tones (i.e. near monochrome) and to convert "on-the-fly" to pure grayscale, whilst retaining the ability to print full color on demand. This is primarily aimed at workflows where saving ink (especially color inks) is required.
* LittleCMS2 and libpng have both been updated to the latest versions.
* Support has been added to build the Ghostscript DLL for WinRT for x86, x64 and ARM (Requires MS Visual Studio 2012 Pro).
* Processing of Windows command line arguments into UTF8 (as presaged a few releases ago) has been enhanced and enabled by default.
* The URW Postscript font set has been updated to the latest version, fixing many compatibility problems with the Adobe fonts.
* Plus the usual round of bug fixes, compatibility changes, and incremental improvements.
Release 0.24.1
core:
* SplashOutputDev: use getRGBLine images if available. Bug #66928
* SplashOutputDev: Don't copy bitmap if we don't need to.
* PSOutputDev: Fix regression in -eps -level1sep rendering. Bug #68321
* Fix crash in malformed file 1026.asan.0.42.pdf
* use copyString instead of strdup where memory is freed with gfree. Bug #67666
utils:
* pdfdetach: don't mention xpdfrc
* pdftotext: Fix -bbox with stdin as input. Bug #45163
* pdftohtml: Fix jpeg image export. Bug #48270
* pdfimages: Fix typos in man page
glib:
* demo: Remove GTK_DISABLE_DEPRECATED compilation flag
qt4:
* Fix small typo in documentation
qt5:
* Fix small typo in documentation
Release Notes/Change Log:
HPLIP 3.13.8 - This release has the following changes:
Added Support for the Following New Printers:
- HP Deskjet 1510 All-in-One Printer
- HP Deskjet 1512 All-in-One Printer
- HP Deskjet 1513 All-in-One Printer
- HP Deskjet 2540 All-in-One Printer
- HP Deskjet 2542 All-in-One Printer
- HP Deskjet Ink Advantage 1010 Printer Series
- HP Deskjet Ink Advantage 1015 Printer
- HP Deskjet Ink Advantage 1510 All-in-One Printer Series
- HP Deskjet Ink Advantage 1515 All-in-One Printer
- HP Deskjet Ink Advantage 1516 All-in-One Printer
- HP Deskjet Ink Advantage 3540 e-All-in-One Printer Series
- HP Deskjet Ink Advantage 3545 e-All-in-One Printer
- HP Deskjet Ink Advantage 3546 e-All-in-One Printer
Launchpad fixes:
233393 - Smart install disable popup is coming for HP pen drive and HP
CD/DVD ROM
Change log:
- Added support for Avahi network printer browsing
- Using SLP protocol by default to browse printer in hp-setup
- Fix for Failing to install libtool package in Fedora 18 during HPLIP
installation
HPLIP 3.13.7 - This release has the following changes:
Added Support for the Following New Printers:
- HP Deskjet 1010 Printer
- HP Deskjet 1012 Printer
- HP ENVY 5530 e-All-in-One Printer
- HP ENVY 5535 e-All-in-One Printer
- HP Officejet 7610 Wide Format e-All-in-One Printer
Added support for the following new Distro's:
- Debian 7.1
- Fedora 19
Launchpad fixes:
746814 - CVE-2010-4267 Remote Stack Overflow Vulnerability
1195221 - Unable to install plugin for network printer Laserjet 2600n
1197306 - HP laserjet 1020 not printing on Ubuntu12.10 after power cycle
the printer
1196335 - HPLIP 3.13.6 stop working after shutting down/rebooting the
computer
Issues fixed:
- Unable to launch "Align Cartrides" and "Clean Cartridges" interfaces
from HP Device Manager
- Lot of debug prints(File Pointer is NULL) are found in syslog even
when hpLogLevel is not 15
- Updated plugin-reason for HP LaserJet Professional P1607dn Printer
Series
* Background printing (BGPrint) is a new feature allowing an accumulated page clist to be rendered by one or more rendering threads whilst the interpreter (in the "main" thread) continues to accumulate the subsequent page's clist. For certain classes of file this can result in a useful performance increase.
* GrayDetection allows suitably written devices to detect "color" input in near neutral tones (i.e. near monochrome) and to convert "on-the-fly" to pure grayscale, whilst retaining the ability to print full color on demand. This is primarily aimed at workflows where saving ink (especially color inks) is required.
* LittleCMS2 and libpng have both been updated to the latest versions.
* Support has been added to build the Ghostscript DLL for WinRT for x86, x64 and ARM (Requires MS Visual Studio 2012 Pro).
* Processing of Windows command line arguments into UTF8 (as presaged a few releases ago) has been enhanced and enabled by default.
* The URW Postscript font set has been updated to the latest version, fixing many compatibility problems with the Adobe fonts.
* Plus the usual round of bug fixes, compatibility changes, and incremental improvements.
Release 0.24.0
core:
* TextOutputDev: Do not draw ligatures more than once when
selected. Bug #9001
* PSOutputDev: Make some pdftops conversions much faster
* PSOutputDev: Initialize t3FillColorOnly
* SplashOutputDev: Fallback to 1x1 bitmap if we fail to create
the real size
Release 0.23.4
core:
* TextOutputDev: clip the selected text rendering to the selection
box. Bug #66983
* CairoImageOutputDev: Fix the bounding box of saved images
build system:
* Improve linking against pthreads
Release 0.23.3
core:
* Annotation improvements
* Fix crashes on malformed files
* TextSelectionPainter: Draw glyphs after selection background
* TextOutputDev: add a method to TextPage to get the selection
as a list of words
qt5:
* Initial Qt5 port
qt4:
* Windows compile fixes
* Demo: Allow the choose the page rotation
build system:
* Fix mingw build
* Minor autotools fixes
Release 0.23.2
core:
* SplashOutputDev: Speed-up some tiling on a 10x factor
* Improve caching of lcms2 ICC color profiles
* Put some private classes in an anonymous namespace
qt4:
* Add a thread stresser tool
build system:
* Fix mingw build
Release 0.23.1
core:
* XRef stream writing: Write 32-bit offsets when possible
* Fix splashModeBGR8 rendering (Bug #64381)
glib:
* Do not use deprecated gtk_scrolled_window_add_with_viewport()
(Bug #64683)
build system:
* Fix Large file support when using cmake
Release 0.23.0
core:
* Make rendering thread safe
* Large file support
* Implement Crypt filter (Bug #62800)
* Fix endstream detection (Bug #62985)
* CairoOutputDev: support uncolored tiling patterns (Bug #59179)
* SplashOutputDev: Introduce Thin Line mode support (Bug #37347)
qt4:
* Expose Thin Line mode support
