Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:01780-1

Опубликовано: 30 мая 2025
Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

  • CVE-2025-32364: integer overflow due to INT_MIN negation in the PSStack::roll function of Function.cc leads to floating point exception crash in pdftotext (bsc#1240880).
  • CVE-2025-32365: misplaced isOk check in the JBIG2Bitmap::combine function of JBIG2Stream.cc leads to out-of-bounds read (bsc#1240881).

Список пакетов

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libpoppler-devel-0.43.0-16.55.1
libpoppler-glib-devel-0.43.0-16.55.1
libpoppler-glib8-0.43.0-16.55.1
libpoppler-qt4-4-0.43.0-16.55.1
libpoppler-qt4-devel-0.43.0-16.55.1
libpoppler60-0.43.0-16.55.1
poppler-tools-0.43.0-16.55.1

Ссылки

Описание

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-devel-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-glib-devel-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-glib8-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-qt4-4-0.43.0-16.55.1
Ссылки

Описание

Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-devel-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-glib-devel-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-glib8-0.43.0-16.55.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libpoppler-qt4-4-0.43.0-16.55.1
Ссылки
Уязвимость SUSE-SU-2025:01780-1