ELA-1468-1 poppler security update

denial of service

2025-06-21
Packagepoppler
Version0.48.0-2+deb9u7 (stretch)
Related CVEs CVE-2017-7515 CVE-2017-14617 CVE-2018-20551 CVE-2019-9903 CVE-2020-23804 CVE-2022-37050 CVE-2022-37051 CVE-2022-37052 CVE-2022-38349 CVE-2024-56378 CVE-2025-32364 CVE-2025-32365


Multiple vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service. An attacker could make poppler-based applications crash through various means.

Additionally, boomaga (BOOklet MAnager), a virtual preview printer, was rebuilt to handle ABI-breaking changes in the poppler private API.



For Debian 9 stretch, these problems have been fixed in version 0.48.0-2+deb9u7.

We recommend that you upgrade your poppler packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.