[NTG-pdftex] xpdf/poppler usage: Movements on the poppler side, and a request for help

Frank Küster frank at debian.org
Fri Oct 27 14:37:16 CEST 2006

Dear all,

recently more projects that do not need any of the fancy graphical
interfaces are considering using poppler, e.g. CUPS.  However, the
poppler developers plan to make unavailable the old, undocumented, never
planned and unmaintainable API of "plain libpoppler".  

These two wishes together give us a fair chance that someone will
actually do the work and develop a clean API for a plain C-only poppler,
without any graphics payload.  Therefore it would be nice if someone
among the pdfTeX developers would take part in the discussion, in
particular help answer the question in 


| What functionality would the tetex people need exported from such an
| API?

At a short glance over pdftoepdf.cc and pdftosrc.cc, I only found these


But in fact there may be more - and you may also have some wishes about
PDF parsing and manipulation that need to be added yet.

Is there anyone who would take up this task?

TIA, Frank

P.S. For those who don't remember what this is about: 

The frequent security bugs in xpdf code, sometimes exploitable with
hand-crafted pdf files, are considered to be also a security problem in
pdfTeX and other software that embeds such code, by the security teams
of different Linux distributions.  And it causes major headaches, since
each embedded xpdf version needs a slightly changed patch.  The goal is
to replace the xpdf code with a poppler copy, so that static linking
would still be possible, but distributions could also link dynamically
and fix security problems with just one new package for libpoppler.

Dr. Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX/TeXLive)

More information about the ntg-pdftex mailing list