MGASA-2025-0134

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2025-0134.html

Import Source

https://advisories.mageia.org/MGASA-2025-0134.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2025-0134

Related

Published

2025-04-12T04:23:49Z

Modified

2025-04-12T03:38:50Z

Summary

Updated poppler packages fix security vulnerabilities

Details

A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash when handling malformed inputs associated with INT_MIN. (CVE-2025-32364) Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. (CVE-2025-32365)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / poppler

Package

Name: poppler
Purl: pkg:rpm/mageia/poppler?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

23.02.0-1.5.mga9

Ecosystem specific

{
    "section": "core"
}