Bug 527429

Summary: cups: use poppler-utils' pdftops [rhel-5]
Product: Red Hat Enterprise Linux 5 Reporter: Tomas Hoger <thoger>
Component: cupsAssignee: Tim Waugh <twaugh>
Status: CLOSED ERRATA QA Contact: BaseOS QE <qe-baseos-auto>
Severity: medium Docs Contact:
Priority: low    
Version: 5.4CC: pknirsch, ykopkova
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-03-30 08:15:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 447987, 541103    

Description Tomas Hoger 2009-10-06 12:02:52 UTC 
Description of problem:
CUPS contains a copy of the xpdf source code for use in pdftops filter.  xpdf code has high amount of security problems reported and fixed in the past, all requiring CUPS update as well.

CUPS packages in Fedora were recently changed to use a thin wrapper around pdftops provided by poppler-utils instead.  If the same change can be done in RHEL5, we can avoid future CUPS updates for xpdf code fixes, fixing problems in poppler will be sufficient.
Comment 1 Tomas Hoger 2009-10-06 12:05:08 UTC 
Tim, are you aware of reasons why we may not want to do this?  Regression risk, worse control from the CUPS side, too old or too new version of poppler in EL5, or something else?  TY!
Comment 2 Tim Waugh 2009-10-06 12:13:24 UTC 
It's just regression risk as far as I'm aware.  Haven't yet investigated poppler version issues but that might also impact on it.
Comment 4 Tim Waugh 2009-10-26 11:57:06 UTC 
API used is the command line, and all used options are present in the RHEL-5 poppler-utils package.

Regression risk seems to be small as the poppler and CUPS pdftops code bases share heritage.

Proposing for RHEL-5.5 as it would fix approved bug #447987 as a side-effect.
Comment 11 errata-xmlrpc 2010-03-30 08:15:26 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0210.html