Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-PyPDF2 for openSUSE:Factory checked in at 2026-03-04 21:05:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-PyPDF2 (Old) and /work/SRC/openSUSE:Factory/.python-PyPDF2.new.561 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-PyPDF2" Wed Mar 4 21:05:21 2026 rev:14 rq:1336155 version:2.11.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-PyPDF2/python-PyPDF2.changes 2026-02-23 16:15:21.268273115 +0100 +++ /work/SRC/openSUSE:Factory/.python-PyPDF2.new.561/python-PyPDF2.changes 2026-03-04 21:05:28.129056082 +0100 @@ -1,0 +2,7 @@ +Mon Mar 2 12:22:28 UTC 2026 - Markéta Machová <[email protected]> + +- Add security patches: + * CVE-2026-27628.patch (bsc#1258940) + * CVE-2026-27888.patch (bsc#1258934) + +------------------------------------------------------------------- New: ---- CVE-2026-27628.patch CVE-2026-27888.patch ----------(New B)---------- New:- Add security patches: * CVE-2026-27628.patch (bsc#1258940) * CVE-2026-27888.patch (bsc#1258934) New: * CVE-2026-27628.patch (bsc#1258940) * CVE-2026-27888.patch (bsc#1258934) ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-PyPDF2.spec ++++++ --- /var/tmp/diff_new_pack.Gvg1pF/_old 2026-03-04 21:05:29.185099715 +0100 +++ /var/tmp/diff_new_pack.Gvg1pF/_new 2026-03-04 21:05:29.189099880 +0100 @@ -33,6 +33,10 @@ Patch2: CVE-2026-27025.patch # PATCH-FIX-UPSTREAM CVE-2026-27026.patch bsc#1258693 Patch3: CVE-2026-27026.patch +# PATCH-FIX-UPSTREAM CVE-2026-27628.patch bsc#1258940 +Patch4: CVE-2026-27628.patch +# PATCH-FIX-UPSTREAM CVE-2026-27888.patch bsc#1258934 +Patch5: CVE-2026-27888.patch BuildRequires: %{python_module pip} BuildRequires: %{python_module setuptools} BuildRequires: %{python_module wheel} ++++++ CVE-2026-27628.patch ++++++ >From 0fbd95938724ad2d72688d4112207c0590f0483f Mon Sep 17 00:00:00 2001 
From: rampageservices <[email protected]> Date: Sat, 21 Feb 2026 23:17:20 +0800 Subject: [PATCH] BUG: Prevent infinite loop from circular xref /Prev references Malformed PDFs can contain circular /Prev references in the xref chain (e.g., xref A -> /Prev -> xref B -> /Prev -> xref A). This causes _read_xref_tables_and_trailers() to loop forever, spamming "Overwriting cache for N M" warnings on every iteration as the same objects are re-parsed and re-cached indefinitely. Fix: Track visited xref offsets in a set. If a startxref value has already been visited, log a warning and break the loop. Closes #3654 --- PyPDF2/_reader.py | 9 +++++++++ 1 file changed, 9 insertions(+) Index: PyPDF2-2.11.1/PyPDF2/_reader.py =================================================================== --- PyPDF2-2.11.1.orig/PyPDF2/_reader.py +++ PyPDF2-2.11.1/PyPDF2/_reader.py @@ -1564,7 +1564,16 @@ class PdfReader: self.xref_free_entry: Dict[int, Dict[Any, Any]] = {} self.xref_objStm: Dict[int, Tuple[Any, Any]] = {} self.trailer = DictionaryObject() + visited_xref_offsets: set[int] = set() while startxref is not None: + # Detect circular /Prev references in the xref chain + if startxref in visited_xref_offsets: + logger_warning( + f"Circular xref chain detected at offset {startxref}, stopping", + __name__, + ) + break + visited_xref_offsets.add(startxref) # load the xref table stream.seek(startxref, 0) x = stream.read(1) ++++++ CVE-2026-27888.patch ++++++ >From 7a4c8246ed48d9d328fb596942271da47b6d109c Mon Sep 17 00:00:00 2001 
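Review bot: The cycle guard at the top of `while startxref is not None:` only bounds the loop if every later reassignment of `startxref` passes back through this check, and the rest of the loop body lies outside the hunk, so that cannot be confirmed from here. The patch header lists only `PyPDF2/_reader.py` with 9 insertions, so the backport has no regression test. A small test that reads a PDF whose two xref sections reference each other through /Prev, and asserts that parsing returns after the "Circular xref chain detected" warning, would pin the fix against 2.11.1. As a style point, the context lines annotate with `Dict[...]` and `Tuple[...]`, so `visited_xref_offsets: Set[int] = set()` would match the file, provided `Set` is already imported from `typing` there.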
From: Stefan <[email protected]> Date: Tue, 24 Feb 2026 18:17:59 +0100 Subject: [PATCH] SEC: Use zlib decompression limit when retrieving XFA data (#3658) --- PyPDF2/_doc_common.py | 5 ++--- tests/test_doc_common.py | 31 ++++++++++++++++++++++++++++++- 2 files changed, 32 insertions(+), 4 deletions(-) Index: PyPDF2-2.11.1/PyPDF2/_reader.py =================================================================== --- PyPDF2-2.11.1.orig/PyPDF2/_reader.py +++ PyPDF2-2.11.1/PyPDF2/_reader.py @@ -30,7 +30,6 @@ import os import re import struct -import zlib from datetime import datetime from io import BytesIO from pathlib import Path @@ -77,6 +76,7 @@ from .errors import ( PdfStreamError, WrongPasswordError, ) +from .filters import _decompress_with_limit from .generic import ( ArrayObject, ContentStream, @@ -1920,7 +1920,6 @@ class PdfReader: @property def xfa(self) -> Optional[Dict[str, Any]]: - tree: Optional[TreeObject] = None retval: Dict[str, Any] = {} catalog = cast(DictionaryObject, self.trailer[TK.ROOT]) @@ -1938,7 +1937,7 @@ class PdfReader: if isinstance(f, IndirectObject): field = cast(Optional[EncodedStreamObject], f.get_object()) if field: - es = zlib.decompress(field._data) + es = _decompress_with_limit(field._data) retval[tag] = es return retval
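Review bot: The added `from .filters import _decompress_with_limit` makes importing `_reader.py` depend on a helper that this patch does not add to `PyPDF2/filters.py`. Presumably an earlier patch in the spec (for example CVE-2026-27025.patch or CVE-2026-27026.patch) introduces it. If so, the patch header should say so and Patch5 must stay after that patch, because applied alone this change would make the reader module fail with an ImportError instead of bounding decompression. The first hunk also removes `import zlib`, so it is worth confirming that no other `zlib.` reference remains in `_reader.py` outside the hunks shown.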
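Review bot: The patch header's diffstat still names `PyPDF2/_doc_common.py` and `tests/test_doc_common.py` (32 insertions, 4 deletions), while the body changes only `PyPDF2/_reader.py`, so the upstream test for the XFA limit was not carried into this backport. A regression test that gives `xfa` a stream field whose deflate payload expands past the limit, and asserts the error raised by `_decompress_with_limit`, would show that the 2.11.1 code path is covered. A one-line comment above the call, such as `# inflate through the size-limited helper: XFA streams come from the untrusted file`, would also record why `zlib.decompress` must not be reintroduced here. The `xfa` property starts before and continues after the lines shown in this hunk.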
