-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6062-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : pdfminer CVE ID : CVE-2025-64512 Debian Bug : 1120642 A vulnerability was discovered in pdfminer, a tool for extracting information from PDF documents, which may result in the execution of arbitrary code if a specially crafted PDF file is processed. For the oldstable distribution (bookworm), this problem has been fixed in version 20221105+dfsg-1.1~deb12u1. For the stable distribution (trixie), this problem has been fixed in version 20221105+dfsg-1.1~deb13u1. We recommend that you upgrade your pdfminer packages. For the detailed security status of pdfminer please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pdfminer Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmkmF2NfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QoUQ/+OwSXN7L26dcmzzrX/TKIpxPD0pmvg0NIGwRJJkREVdQ3glVmqUUXRXjY Sx1C/KNQpp3MFbTG+HBcKrtGnUXjXoqtL+bJlJ+YO+PrJvekZOFPjhcwDgRgOIH1 DMnZcAfVv4GOGBo8wMN0HtANVXxIhFYx4+5IFfDrWdMPYqeZ/psWGPD0ucOKzv1j Giw1ysk4Ia6rRQmNR3Qu+Jp3IGRqOrC7tuCcZQctsnvqM0Xv2Nqg49NAawIbjuia GWjJeIse12fVJJtMJTdOcaQUaM9M3CslIkNw0cMzSJjzGg7Ssyrf6o8ZyX6SrWuk vo89SlDrGr059OCP02qV24TGWZdGNE0ilHDEEhljnYyLARkcvZxs5fecyMzPt6bB YvHTWrGh65WhCRclnZruK3VRKM9ahcffVmc+WMbBS4ZBRnmDJLMcKUW8rTmqHxEx UpM4Dd1dAT0lm8zMegZ4GXxuHKWw/Qr4GfPalaIZVfKVPU2h6aNLPMqVIA4VsmHP DS6NbvxGgUV0FrY4kqcj/USLvPCWzi/cGiG1xo6jmoI6mf9q03RnlSvz+xUQeqSP yuUw6O/oSFzGeaOcM92UwjlAKi24+2SX2tfk4P4a5+C1XGNXVBcm8h62RIpKfdeR w4+I9BvtBzHc/XR5iDU5YZhk6vrSob6/l+XdD5zlNtvg4gK3VUE= =Vxf8 -----END PGP SIGNATURE-----
