← Back to team overview

debcrafters-packages team mailing list archive

  1. debcrafters-packages team
  2. Mailing list archive
  3. Message #08561

[Bug 2126687] [NEW] CVE-2025-43718: stack consumption & crash

  Thread PreviousDate PreviousThread Next 
*** This bug is a security vulnerability ***

Public security bug reported:

This is a one-line security fix I'd like to get into questing before
release.

I'm not handling updates for any previous Ubuntu releases for this
issue.

https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672

** Affects: poppler (Ubuntu)
     Importance: Undecided
         Status: In Progress

** Affects: poppler (Debian)
     Importance: Unknown
         Status: Unknown


** Tags: questing

** CVE added: https://cve.org/CVERecord?id=CVE-2025-43718

** Bug watch added: Debian Bug tracker #1117046
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046

** Also affects: poppler (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to poppler in Ubuntu.
https://bugs.launchpad.net/bugs/2126687

Title:
  CVE-2025-43718: stack consumption & crash

Status in poppler package in Ubuntu:
  In Progress
Status in poppler package in Debian:
  Unknown

Bug description:
  This is a one-line security fix I'd like to get into questing before
  release.

  I'm not handling updates for any previous Ubuntu releases for this
  issue.

  https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/2126687/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next