Описание
Security update for poppler
This update for poppler fixes the following issues:
- CVE-2025-32364: Fixed a floating point exception. (bsc#1240880)
- CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. (bsc#1240881)
- Adding -fpie compile flag to GCC for Position Independent Executable (PIE) support (bsc#1239939).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP6
libpoppler-cpp0-24.03.0-150600.3.10.1
libpoppler-devel-24.03.0-150600.3.10.1
libpoppler-glib-devel-24.03.0-150600.3.10.1
libpoppler-glib8-24.03.0-150600.3.10.1
libpoppler135-24.03.0-150600.3.10.1
poppler-tools-24.03.0-150600.3.10.1
typelib-1_0-Poppler-0_18-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
libpoppler-cpp0-24.03.0-150600.3.10.1
libpoppler-devel-24.03.0-150600.3.10.1
libpoppler-glib8-32bit-24.03.0-150600.3.10.1
libpoppler-qt5-1-24.03.0-150600.3.10.1
libpoppler-qt5-devel-24.03.0-150600.3.10.1
libpoppler-qt6-3-24.03.0-150600.3.10.1
libpoppler-qt6-devel-24.03.0-150600.3.10.1
libpoppler135-32bit-24.03.0-150600.3.10.1
openSUSE Leap 15.6
libpoppler-cpp0-24.03.0-150600.3.10.1
libpoppler-cpp0-32bit-24.03.0-150600.3.10.1
libpoppler-devel-24.03.0-150600.3.10.1
libpoppler-glib-devel-24.03.0-150600.3.10.1
libpoppler-glib8-24.03.0-150600.3.10.1
libpoppler-glib8-32bit-24.03.0-150600.3.10.1
libpoppler-qt5-1-24.03.0-150600.3.10.1
libpoppler-qt5-1-32bit-24.03.0-150600.3.10.1
libpoppler-qt5-devel-24.03.0-150600.3.10.1
libpoppler-qt6-3-24.03.0-150600.3.10.1
libpoppler-qt6-devel-24.03.0-150600.3.10.1
libpoppler135-24.03.0-150600.3.10.1
libpoppler135-32bit-24.03.0-150600.3.10.1
poppler-tools-24.03.0-150600.3.10.1
typelib-1_0-Poppler-0_18-24.03.0-150600.3.10.1
Ссылки
- Link for SUSE-SU-2025:1342-1
- E-Mail link for SUSE-SU-2025:1342-1
- SUSE Security Ratings
- SUSE Bug 1239939
- SUSE Bug 1240880
- SUSE Bug 1240881
- SUSE CVE CVE-2025-32364 page
- SUSE CVE CVE-2025-32365 page
Описание
A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-cpp0-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-devel-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib-devel-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib8-24.03.0-150600.3.10.1
Ссылки
- CVE-2025-32364
- SUSE Bug 1240880
Описание
Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-cpp0-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-devel-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib-devel-24.03.0-150600.3.10.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:libpoppler-glib8-24.03.0-150600.3.10.1
Ссылки
- CVE-2025-32365
- SUSE Bug 1240881