poppler (22.02.0-2ubuntu0.10) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2025-50420.patch: don't continue
recursing in PDFDoc in poppler/PDFDoc.cc.
- CVE-2025-50420
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Tue, 12 Aug 2025 13:21:56 -0300
poppler (22.02.0-2ubuntu0.9) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via reference count overflow
- debian/patches/CVE-2025-52886.patch: limit amount of annots per
document/page in poppler/Annot.cc, poppler/Page.cc.
- CVE-2025-52886
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 25 Jul 2025 11:21:27 -0400
poppler (22.02.0-2ubuntu0.8) jammy-security; urgency=medium
* SECURITY UPDATE: signature validation
- debian/patches/CVE-2025-43903.patch: Properly verify adbe.pkcs7.sha1
signatures.
- CVE-2025-43903
-- Fabian Toepfer <fabian.toepfer@canonical.com> Thu, 24 Apr 2025 14:59:10 +0200
poppler (22.02.0-2ubuntu0.7) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via floating point exception
- debian/patches/CVE-2025-32364.patch: protect against doing int =
-INT_MIN in poppler/Function.cc.
- CVE-2025-32364
* SECURITY UPDATE: DoS in JBIG2Bitmap::combine function
- debian/patches/CVE-2025-32365.patch: move isOk check to inside
JBIG2Bitmap::combine in poppler/JBIG2Stream.cc.
- CVE-2025-32365
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 07 Apr 2025 12:59:39 -0400
poppler (22.02.0-2ubuntu0.6) jammy-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read in pdf file parsing.
- debian/patches/CVE-2024-56378.patch: Add checks to unlikely and destPtr
in poppler/JBIG2Stream.cc.
- CVE-2024-56378
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Tue, 14 Jan 2025 12:44:37 -0330
poppler (22.02.0-2ubuntu0.5) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2024-6239.patch: fix crash in broken
documents when using -dests in utils/pdfinfo.c.
- CVE-2024-6239
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Thu, 27 Jun 2024 14:11:16 -0300
poppler (22.02.0-2ubuntu0.4) jammy; urgency=medium
* Add fix-invisible-form-fields.patch:
- Pick upstream fix for a regression making fields invisible
(LP: #1980836)
-- Timo Jyrinki <timo-jyrinki@ubuntu.com> Wed, 17 Apr 2024 14:49:37 +0300
poppler (22.02.0-2ubuntu0.3) jammy-security; urgency=medium
* SECURITY UPDATE: denial of service issue
- debian/patches/CVE-2022-37050.patch: pdfseparate: Check XRef's
Catalog for being a Dict
- debian/patches/CVE-2022-37051.patch: Check isDict before calling
getDict
- debian/patches/CVE-2022-37052.patch: pdfseparate: Account for
XRef::add failing because we run out of memory
- debian/patches/CVE-2022-38349.patch: pdfunite: Fix crash on broken
files
- CVE-2022-37050
- CVE-2022-37051
- CVE-2022-37052
- CVE-2022-38349
-- Nishit Majithia <nishit.majithia@canonical.com> Wed, 22 Nov 2023 11:22:05 +0530
poppler (22.02.0-2ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2022-27337.patch: bail out if we run out of file
when reading in poppler/Hints.cc.
- CVE-2022-27337
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2023-34872.patch: fix crash in poppler/Outline.cc.
- CVE-2023-34872
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 02 Aug 2023 14:52:35 -0400
poppler (22.02.0-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2022-38784.patch:Fix crash on broken file
in poppler/JBIG2Stream.cc.
- CVE-2022-38784
-- Leonidas Da Silva Barbosa <leo.barbosa@canonical.com> Tue, 06 Sep 2022 06:32:35 -0300
# For older changelog entries, run 'apt-get changelog libpoppler118'
Generated by dwww version 1.14 on Tue Aug 26 01:04:09 CEST 2025.