SUSE-SU-2025:02324-1

Опубликовано: 16 июл. 2025

Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

CVE-2025-52886: Fixed an integer overflow that can lead to a use-after-free. (bsc#1245625)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

libpoppler-cpp0-24.03.0-150600.3.16.1

libpoppler-devel-24.03.0-150600.3.16.1

libpoppler-glib-devel-24.03.0-150600.3.16.1

libpoppler-glib8-24.03.0-150600.3.16.1

libpoppler135-24.03.0-150600.3.16.1

poppler-tools-24.03.0-150600.3.16.1

typelib-1_0-Poppler-0_18-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Basesystem 15 SP7

libpoppler-cpp0-24.03.0-150600.3.16.1

libpoppler-devel-24.03.0-150600.3.16.1

libpoppler-glib-devel-24.03.0-150600.3.16.1

libpoppler-glib8-24.03.0-150600.3.16.1

libpoppler135-24.03.0-150600.3.16.1

poppler-tools-24.03.0-150600.3.16.1

typelib-1_0-Poppler-0_18-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Package Hub 15 SP6

libpoppler-cpp0-24.03.0-150600.3.16.1

libpoppler-devel-24.03.0-150600.3.16.1

libpoppler-glib8-32bit-24.03.0-150600.3.16.1

libpoppler-qt5-1-24.03.0-150600.3.16.1

libpoppler-qt5-devel-24.03.0-150600.3.16.1

libpoppler-qt6-3-24.03.0-150600.3.16.1

libpoppler-qt6-devel-24.03.0-150600.3.16.1

libpoppler135-32bit-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Package Hub 15 SP7

libpoppler-cpp0-24.03.0-150600.3.16.1

libpoppler-devel-24.03.0-150600.3.16.1

libpoppler-glib8-32bit-24.03.0-150600.3.16.1

libpoppler-qt5-1-24.03.0-150600.3.16.1

libpoppler-qt5-devel-24.03.0-150600.3.16.1

libpoppler-qt6-3-24.03.0-150600.3.16.1

libpoppler-qt6-devel-24.03.0-150600.3.16.1

libpoppler135-32bit-24.03.0-150600.3.16.1

openSUSE Leap 15.6

libpoppler-cpp0-24.03.0-150600.3.16.1

libpoppler-cpp0-32bit-24.03.0-150600.3.16.1

libpoppler-devel-24.03.0-150600.3.16.1

libpoppler-glib-devel-24.03.0-150600.3.16.1

libpoppler-glib8-24.03.0-150600.3.16.1

libpoppler-glib8-32bit-24.03.0-150600.3.16.1

libpoppler-qt5-1-24.03.0-150600.3.16.1

libpoppler-qt5-1-32bit-24.03.0-150600.3.16.1

libpoppler-qt5-devel-24.03.0-150600.3.16.1

libpoppler-qt6-3-24.03.0-150600.3.16.1

libpoppler-qt6-devel-24.03.0-150600.3.16.1

libpoppler135-24.03.0-150600.3.16.1

libpoppler135-32bit-24.03.0-150600.3.16.1

poppler-tools-24.03.0-150600.3.16.1

typelib-1_0-Poppler-0_18-24.03.0-150600.3.16.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502324-1/
Link for SUSE-SU-2025:02324-1
https://lists.suse.com/pipermail/sle-updates/2025-July/040724.html
E-Mail link for SUSE-SU-2025:02324-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1245625
SUSE Bug 1245625
https://www.suse.com/security/cve/CVE-2025-52886/
SUSE CVE CVE-2025-52886 page

Описание

Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-cpp0-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-devel-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib-devel-24.03.0-150600.3.16.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib8-24.03.0-150600.3.16.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-52886.html
CVE-2025-52886
https://bugzilla.suse.com/1245625
SUSE Bug 1245625

SUSE-SU-2025:02324-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Basesystem 15 SP7

SUSE Linux Enterprise Module for Package Hub 15 SP6

SUSE Linux Enterprise Module for Package Hub 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-52886

Описание

Затронутые продукты

Ссылки