UbuntuUpdates.org

Package "poppler"

Name: poppler

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • PDF rendering library -- development files (GLib interface)
  • PDF rendering library (Qt 5 based shared library)
  • PDF rendering library -- development files (Qt 5 interface)
  • PDF rendering library (Qt 6 based shared library)
Latest version: 24.02.0-1ubuntu9.3
Release: noble (24.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "poppler" in Noble

Repository Area Version
base universe 24.02.0-1ubuntu9
base main 24.02.0-1ubuntu9
security main 24.02.0-1ubuntu9.3
security universe 24.02.0-1ubuntu9.3
updates main 24.02.0-1ubuntu9.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 24.02.0-1ubuntu9.3 2025-04-09 04:07:41 UTC

  poppler (24.02.0-1ubuntu9.3) noble-security; urgency=medium

  * SECURITY UPDATE: DoS via floating point exception
    - debian/patches/CVE-2025-32364.patch: protect against doing int =
      -INT_MIN in poppler/Function.cc.
    - CVE-2025-32364
  * SECURITY UPDATE: DoS in JBIG2Bitmap::combine function
    - debian/patches/CVE-2025-32365.patch: move isOk check to inside
      JBIG2Bitmap::combine in poppler/JBIG2Stream.cc.
    - CVE-2025-32365

 -- Marc Deslauriers <email address hidden> Mon, 07 Apr 2025 12:18:03 -0400
Source diff to previous version
CVE-2025-32364 A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs a
CVE-2025-32365 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a

Version: 24.02.0-1ubuntu9.2 2025-01-16 19:07:07 UTC

  poppler (24.02.0-1ubuntu9.2) noble-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read in pdf file parsing.
    - debian/patches/CVE-2024-56378.patch: Add checks to unlikely and destPtr
      in poppler/JBIG2Stream.cc.
    - CVE-2024-56378

 -- Hlib Korzhynskyy <email address hidden> Tue, 14 Jan 2025 12:26:08 -0330
Source diff to previous version
CVE-2024-56378 libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc.

Version: 24.02.0-1ubuntu9.1 2024-07-25 01:07:26 UTC

  poppler (24.02.0-1ubuntu9.1) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-6239.patch: fix crash in broken
      documents when using -dests in utils/pdfinfo.c.
    - CVE-2024-6239

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 26 Jun 2024 09:54:47 -0300
CVE-2024-6239 A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed inp


About   -   Send Feedback to @ubuntu_updates