UbuntuUpdates.org

Package "libpoppler-glib-doc"

Name: libpoppler-glib-doc

Description:

PDF rendering library -- documentation for the GLib interface
Latest version: 22.02.0-2ubuntu0.8
Release: jammy (22.04)
Level: updates
Repository: main
Head package: poppler
Homepage: https://poppler.freedesktop.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libpoppler-glib-doc"

All arch deb package
APT INSTALL

Other versions of "libpoppler-glib-doc" in Jammy

Repository Area Version
base main 22.02.0-2
security main 22.02.0-2ubuntu0.8

Changelog

Version: 22.02.0-2ubuntu0.8 2025-04-30 00:07:09 UTC

  poppler (22.02.0-2ubuntu0.8) jammy-security; urgency=medium

  * SECURITY UPDATE: signature validation
    - debian/patches/CVE-2025-43903.patch: Properly verify adbe.pkcs7.sha1
      signatures.
    - CVE-2025-43903

 -- Fabian Toepfer <email address hidden> Thu, 24 Apr 2025 14:59:10 +0200
Source diff to previous version
CVE-2025-43903 NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forge

Version: 22.02.0-2ubuntu0.7 2025-04-09 04:07:37 UTC

  poppler (22.02.0-2ubuntu0.7) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS via floating point exception
    - debian/patches/CVE-2025-32364.patch: protect against doing int =
      -INT_MIN in poppler/Function.cc.
    - CVE-2025-32364
  * SECURITY UPDATE: DoS in JBIG2Bitmap::combine function
    - debian/patches/CVE-2025-32365.patch: move isOk check to inside
      JBIG2Bitmap::combine in poppler/JBIG2Stream.cc.
    - CVE-2025-32365

 -- Marc Deslauriers <email address hidden> Mon, 07 Apr 2025 12:59:39 -0400
Source diff to previous version
CVE-2025-32364 A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs a
CVE-2025-32365 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a

Version: 22.02.0-2ubuntu0.6 2025-01-16 19:07:04 UTC

  poppler (22.02.0-2ubuntu0.6) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read in pdf file parsing.
    - debian/patches/CVE-2024-56378.patch: Add checks to unlikely and destPtr
      in poppler/JBIG2Stream.cc.
    - CVE-2024-56378

 -- Hlib Korzhynskyy <email address hidden> Tue, 14 Jan 2025 12:44:37 -0330
Source diff to previous version
CVE-2024-56378 libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

Version: 22.02.0-2ubuntu0.5 2024-07-25 01:07:16 UTC

  poppler (22.02.0-2ubuntu0.5) jammy-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-6239.patch: fix crash in broken
      documents when using -dests in utils/pdfinfo.c.
    - CVE-2024-6239

 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 27 Jun 2024 14:11:16 -0300
Source diff to previous version
CVE-2024-6239 A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed inp

Version: 22.02.0-2ubuntu0.4 2024-05-08 10:06:58 UTC

  poppler (22.02.0-2ubuntu0.4) jammy; urgency=medium

  * Add fix-invisible-form-fields.patch:
    - Pick upstream fix for a regression making fields invisible
      (LP: #1980836)

 -- Timo Jyrinki <email address hidden> Wed, 17 Apr 2024 14:49:37 +0300
1980836 Regression in Ubuntu 22.04: Content of form field stored invisibly


About   -   Send Feedback to @ubuntu_updates