poppler: fix CVE-2025-52886 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2025-07-11 16:58:42 +0530
committer	Armin Kuster <akuster808@gmail.com>	2025-08-02 13:37:04 -0400
commit	c8a1b909ec78973c9de668d92d9b39a5b005c6d8 (patch)
tree	aed7a5bb086abb0f1d37d82cdd308464039280b3 /meta-python/recipes-devtools/python/python-javaobj-py3.inc
parent	21e370fd3c60ef59216a7633c4bbd2356ea92a6b (diff)
download	meta-openembedded-c8a1b909ec78973c9de668d92d9b39a5b005c6d8.tar.gz

poppler: fix CVE-2025-52886

Poppler is a PDF rendering library. Versions prior to 25.06.0 use `std::atomic_int` for reference counting. Because `std::atomic_int` is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue. References: https://nvd.nist.gov/vuln/detail/CVE-2025-52886 https://security-tracker.debian.org/tracker/CVE-2025-52886 Upstream patches: https://gitlab.freedesktop.org/poppler/poppler/-/commit/3449a16d3b1389870eb3e20795e802c6ae8bc04f https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-javaobj-py3.inc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: