This bug was fixed in the package poppler - 25.03.0-3
---------------
poppler (25.03.0-3) unstable; urgency=high
* Team upload
* SECURITY UPDATE: floating-point exception vulnerability (Closes: #1102190)
- Cherry-pick upstream fix for the PSStack::roll function
in Function.cc
- CVE-2025-32364
* SECURITY UPDATE: out-of-bounds read vulnerability (Closes: #1102191)
- Cherry-pick upstream fix for the JBIG2Bitmap::combine function
in JBIG2Stream.cc (LP: #2106404)
- CVE-2025-32365
-- Jeremy Bícha <[email protected]> Mon, 07 Apr 2025 11:11:10 -0400
** Changed in: poppler (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-32364
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-32365
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106404
Title:
poppler April 2025 security fixes
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/2106404/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
