I am attaching to this message a patch that applies cleanly to 11.3.0. This version also applies cleanly to 11.0.0. I haven't tested all intermediate versions, but I suspect one of the two patches should apply to all versions from 11.0.0 to 11.6.2. I'm re-attaching the previous patch to this message for convenience.
On Tue, Oct 17, 2023, at 7:10 AM, Jay Berkenbilt wrote:
> The recent release of qpdf 11.6.3 included an important fix to a bug that could result in loss of data. If you are a packager of qpdf and have a stable version between 11.0.0 and 11.6.2, the attached patch is a minimal patch to fix this bug.
>
> It will apply cleanly (with -p1) to recent qpdf releases. Because of other reorganization of QPDFTokenizer.cc, it won't directly apply to 11.0.0, but the changes are very small and can easily be applied manually to the QPDFTokenizer::inCharCode function. If possible, I would encourage packagers to either upgrade to 11.6.3 or apply this patch to any version >= 11.0.0 and <= 11.6.2. Versions 10.6.3 and below are not affected by this bug.
>
> The patch is excerpted from https://github.com/qpdf/qpdf/commit/1ecc6bb29e24a4f89470ff91b2682b46e0576ad4. It includes the critical code change without the ChangeLog entry or test cases.
>
> --Jay
>
>
> *Attachments:*
> • qpdf-1ecc6bb2.patch