poppler: fix CVE-2025-43903 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2025-05-13 17:16:12 +0530
committer	Armin Kuster <akuster808@gmail.com>	2025-05-25 14:48:44 -0400
commit	45bddd258a3d1ded925faf8389e01bb948dc7f5b (patch)
tree	e8c7a71017428bb56fe965ff5163e806a7a17c9d /meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch
parent	5c4b61d38a86de2c26f4ce5e57aaa169643ac211 (diff)
download	meta-openembedded-45bddd258a3d1ded925faf8389e01bb948dc7f5b.tar.gz

poppler: fix CVE-2025-43903

NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-43903 Upstream patch: https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: