openSUSE-SU-2021:0893-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0893-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2021:0893-1
Related
Published
2021-06-17T18:06:10Z
Modified
2021-06-17T18:06:10Z
Summary
Security update for htmldoc
Details

This update for htmldoc fixes the following issues:

htmldoc was updated to version 1.9.12

  • Fixed buffer-overflow CVE-2021-20308 ( boo#1184424 )
  • Fixed a crash bug with 'data:' URIs and EPUB output
  • Fixed several other crash bugs
  • Fixed JPEG error handling
  • Fixed some minor issues
  • Removed the bundled libjpeg, libpng, and zlib.

update to 1.9.11:

  • Added high-resolution desktop icons for Linux.
  • Updated the internal HTTP library to fix truncation of redirection URLs
  • Fixed a regression in the handling of character entities for UTF-8 input
  • The --numbered option did not work when the table-of-contents was disabled
  • Updated local zlib to v1.2.11.
  • Updated local libpng to v1.6.37.
  • Fixed packaging issues on macOS and Windows
  • Now ignore sRGB profile errors in PNG files
  • The GUI would crash when saving
  • Page comments are now allowed in pre text

update to 1.9.9:

  • Added support for a HTMLDOC.filename META keyword that controls the filename reported in CGI mode; the default remains 'htmldoc.pdf' (Issue #367)
  • Fixed a paragraph formatting issue with large inline images (Issue #369)
  • Fixed a buffer underflow issue (Issue #370)
  • Fixed PDF page numbers (Issue #371)
  • Added support for a new L header/footer format ($LETTERHEAD), which inserts a letterhead image at its full size (Issue #372, Issue #373, Issue #375)
  • Updated the build documentation (Issue #374)
  • Refactored the PRE rendering code to work around compiler optimization bugs
  • Added support for links with targets (Issue #351)
  • Fixed a table rowspan + valign bug (Issue #360)
  • Added support for data URIs (Issue #340)
  • HTMLDOC no longer includes a PDF table of contents when converting a single web page (Issue #344)
  • Updated the markdown support with external links, additional inline markup, and hard line breaks.
  • Links in markdown text no longer render with a leading space as part of the link (Issue #346)
  • Fixed a buffer underflow bug discovered by AddressSanitizer.
  • Fixed a bug in UTF-8 support (Issue #348)
  • PDF output now includes the base language of the input document(s)
  • Optimized the loading of font widths (Issue #354)
  • Optimized PDF page resources (Issue #356)
  • Optimized the base memory used for font widths (Issue #357)
  • Added proper ­ support (Issue #361)
  • Title files can now be markdown.
  • The GUI did not support EPUB output.
  • Empty markdown table cells were not rendered in PDF or PostScript output.
  • The automatically-generated title page now supports both 'docnumber' and 'version' metadata.
  • Added support for dc:subject and dc:language metadata in EPUB output from the HTML keywords and lang values.
  • Added support for the subject and language metadata in markdown input.
  • Fixed a buffer underflow bug (Issue #338)
  • htmldoc --help now reports whether HTTPS URLs are supported (Issue #339)
  • Fixed an issue with HTML title pages and EPUB output.
  • Inline fixed-width text is no longer reduced in size automatically
  • Optimized initialization of font width data (Issue #334)
  • Fixed formatting bugs with aligned images (Issue #322, Issue #324)
  • Fixed support for three digit '#RGB' color values (Issue #323)
  • Fixed character set support for markdown metadata.
  • Updated libpng to v1.6.34 (Issue #326)
  • The makefiles did not use the CPPFLAGS value (Issue #328)
  • Added Markdown table support.
  • Fixed parsing of TBODY, TFOOT, and THEAD elements in HTML files.
References

Affected packages

SUSE:Package Hub 15 SP2 / htmldoc

Package

Name
htmldoc
Purl
pkg:rpm/suse/htmldoc&distro=SUSE%20Package%20Hub%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.12-bp152.4.3.1

Ecosystem specific

{
    "binaries": [
        {
            "htmldoc": "1.9.12-bp152.4.3.1"
        }
    ]
}