-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6334-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 09, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : poppler CVE ID : CVE-2025-43718 CVE-2025-52885 CVE-2026-10118 Debian Bug : 1117046 1117853 1138708 Several vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service, information disclosure, or potentially the execution of arbitrary code if a specially crafted file is processed. For the oldstable distribution (bookworm), these problems have been fixed in version 22.12.0-2+deb12u2. For the stable distribution (trixie), these problems have been fixed in version 25.03.0-5+deb13u3. We recommend that you upgrade your poppler packages. For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoogp5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RfLRAAoBlJe9X2PUKsI2o3CTS6EnV0wHIB8a0kuud07PnfyRBwCfMmu+3o/lsS AhnTol70eilfKXNAaUdT4I76vAy59FHhwNcAC1Gj2OKETK+sz4X+y31vj1Xv+Aja /Tw58kJrckz/+HLsnKv1lBfj7+TWbnvUejMlLkYHUUNprBtvBVW70r+vkKToxIZQ GuxN/6ACEx1pU5tr7ll874aDGxZatFTNspd0wZjFCgF6g+11PpODkFDz/d9IPKsq l0ECBuiHCURrAJO/mmnwc/wf8e6Y1/Lzt9lyyWNCAQ3YikYJXKzkvel1AVpL1D+F M7eYRdITIyQoW8SAq/etZEKJPGbZ9SCnLi+/2yxqC2jtnpSRZp08UI0SvrC9DU8j +3q3KcMLMMt86D/MKMLdwwonNDlgtUi1s7mD6DNFcidKthw4MzdQxtEGQiKcaGqF 1ykG3zV2919Qyl/1lxsyjpX7wuyCKR4p44xeRgg/VeBh+iAq6yi2MoN6ix8tG/FJ XOubdgenc8UvT86+T72X2nnotWYfTYTscSGyEnNnUSV6ThSkbdVf6/QfqrbWXlA3 73Qax1Z9yX8ke3HP3xaKbVnccy7TnGxjeJT8bMzHhSkkZ1ULHrScatbyV90alZRo R9pWh0hU9lAywddhq/kqOwRuvtZPp3h9L/Bd/ycQ/InFZeMXRWU= =Qcet -----END PGP SIGNATURE-----

