SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1342

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1342

Security update for poppler

Type: security

Severity: moderate

Issued: 2025-04-17

Description:

This update for poppler fixes the following issues:

- CVE-2025-32364: Fixed a floating point exception. (bsc#1240880)
- CVE-2025-32365: Fixed the isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc. (bsc#1240881)
- Adding -fpie compile flag to GCC for Position Independent Executable (PIE) support (bsc#1239939).

References

CVE: CVE-2025-32365
CVE: CVE-2025-32364
Bugzilla: 1240881 VUL-0: CVE-2025-32365: poppler: misplaced isOk check in JBIG2Bitmap::combine function in JBIG2Stream.cc
Bugzilla: 1240880 VUL-0: CVE-2025-32364: poppler,poppler-qt: poppler: Floating-Point Exception
Bugzilla: 1239939 poppler is built without PIE

Packages

poppler-24.03.0-150600.3.10.1

poppler-qt5-24.03.0-150600.3.10.1

poppler-qt6-24.03.0-150600.3.10.1