Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:02317-1

Опубликовано: 15 июл. 2025
Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

  • CVE-2025-52886: Fixed an integer overflow that can lead to a use-after-free. (bsc#1245625)

Список пакетов

SUSE Linux Enterprise Server 12 SP5-LTSS
libpoppler-devel-0.43.0-16.58.2
libpoppler-glib-devel-0.43.0-16.58.2
libpoppler-glib8-0.43.0-16.58.2
libpoppler-qt4-4-0.43.0-16.58.2
libpoppler-qt4-devel-0.43.0-16.58.2
libpoppler60-0.43.0-16.58.2
poppler-tools-0.43.0-16.58.2
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libpoppler-devel-0.43.0-16.58.2
libpoppler-glib-devel-0.43.0-16.58.2
libpoppler-glib8-0.43.0-16.58.2
libpoppler-qt4-4-0.43.0-16.58.2
libpoppler-qt4-devel-0.43.0-16.58.2
libpoppler60-0.43.0-16.58.2
poppler-tools-0.43.0-16.58.2

Ссылки

Описание

Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:libpoppler-devel-0.43.0-16.58.2
SUSE Linux Enterprise Server 12 SP5-LTSS:libpoppler-glib-devel-0.43.0-16.58.2
SUSE Linux Enterprise Server 12 SP5-LTSS:libpoppler-glib8-0.43.0-16.58.2
SUSE Linux Enterprise Server 12 SP5-LTSS:libpoppler-qt4-4-0.43.0-16.58.2
Ссылки