Bug#1112668: marked as done (trixie-pu: package poppler 25.03.5-5+deb13u2)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#1112668: marked as done (trixie-pu: package poppler 25.03.5-5+deb13u2)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 15 Nov 2025 11:23:16 +0000
Message-id: <[🔎] handler.1112668.D1112668.17632057294149788.ackdone@bugs.debian.org>
Reply-to: 1112668@bugs.debian.org
References: <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk> <CAAajCMa4VjgJyo0=wVs1UqXRqG7YgXZQTWJrwuj6AZAL6H3HaA@mail.gmail.com>

Your message dated Sat, 15 Nov 2025 11:21:45 +0000
with message-id <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 13.2
has caused the Debian Bug report #1112668,
regarding trixie-pu: package poppler 25.03.5-5+deb13u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1112668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112668
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit <submit@bugs.debian.org>
Subject: trixie-pu: package poppler 25.03.5-5+deb13u1
From: Jeremy BÍcha <jbicha@debian.org>
Date: Sun, 31 Aug 2025 13:39:08 -0400
Message-id: <CAAajCMa4VjgJyo0=wVs1UqXRqG7YgXZQTWJrwuj6AZAL6H3HaA@mail.gmail.com>

Package: release.debian.org
Control: affects -1 + src:poppler
X-Debbugs-Cc: poppler@packages.debian.org, team@security.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags:trixie

[ Reason ]
Fix infinite recursion [CVE-2025-50420]

[ Impact ]
This update copies the security fix applied in Ubuntu. The Debian Security
team has marked the issue as "no-dsa" for bookworm.

https://security-tracker.debian.org/tracker/CVE-2025-50420
https://ubuntu.com/security/CVE-2025-50420
https://launchpad.net/ubuntu/+source/poppler

[ Tests ]
This package has autopkgtests which are passing for forky.

I built the package on trixie, installed the packages on Debian 13,
and successfully completed the test cases from
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Papers

I did not specifically test the security fix.

[ Risks ]
Key package for multiple desktops. If it's not possible to use the
GNOME default app Evince or the KDE default app Okular to load PDFs,
Firefox ESR and other browsers can load PDFs instead.

[ Checklist ]
  [✔️] all changes are documented in the d/changelog
  [✔️] I reviewed all changes and I approve them
  [✔️] attach debdiff against the package in stable
  [✔️] the issue is verified as fixed in unstable

Thank you,
Jeremy Bícha

Attachment: poppler_25.03.0-5+deb13u1.debdiff
Description: Binary data

--- End Message ---

--- Begin Message ---

To: 1110859-done@bugs.debian.org, 1111236-done@bugs.debian.org, 1111733-done@bugs.debian.org, 1111734-done@bugs.debian.org, 1111808-done@bugs.debian.org, 1111819-done@bugs.debian.org, 1112097-done@bugs.debian.org, 1112120-done@bugs.debian.org, 1112256-done@bugs.debian.org, 1112261-done@bugs.debian.org, 1112276-done@bugs.debian.org, 1112282-done@bugs.debian.org, 1112283-done@bugs.debian.org, 1112380-done@bugs.debian.org, 1112479-done@bugs.debian.org, 1112557-done@bugs.debian.org, 1112668-done@bugs.debian.org, 1112671-done@bugs.debian.org, 1113711-done@bugs.debian.org, 1113750-done@bugs.debian.org, 1113757-done@bugs.debian.org, 1113761-done@bugs.debian.org, 1113778-done@bugs.debian.org, 1113799-done@bugs.debian.org, 1113804-done@bugs.debian.org, 1113860-done@bugs.debian.org, 1113882-done@bugs.debian.org, 1113902-done@bugs.debian.org, 1113904-done@bugs.debian.org, 1113961-done@bugs.debian.org, 1113979-done@bugs.debian.org, 1114595-done@bugs.debian.org, 1114684-done@bugs.debian.org, 1114755-done@bugs.debian.org, 1114855-done@bugs.debian.org, 1114929-done@bugs.debian.org, 1114979-done@bugs.debian.org, 1115257-done@bugs.debian.org, 1115486-done@bugs.debian.org, 1115530-done@bugs.debian.org, 1115749-done@bugs.debian.org, 1115815-done@bugs.debian.org, 1115860-done@bugs.debian.org, 1115899-done@bugs.debian.org, 1115914-done@bugs.debian.org, 1116012-done@bugs.debian.org, 1116020-done@bugs.debian.org, 1116040-done@bugs.debian.org, 1116053-done@bugs.debian.org, 1116127-done@bugs.debian.org, 1116196-done@bugs.debian.org, 1116201-done@bugs.debian.org, 1116386-done@bugs.debian.org, 1116523-done@bugs.debian.org, 1116526-done@bugs.debian.org, 1116547-done@bugs.debian.org, 1116575-done@bugs.debian.org, 1116665-done@bugs.debian.org, 1116705-done@bugs.debian.org, 1116938-done@bugs.debian.org, 1116945-done@bugs.debian.org, 1116983-done@bugs.debian.org, 1117467-done@bugs.debian.org, 1117469-done@bugs.debian.org, 1117828-done@bugs.debian.org, 1117843-done@bugs.debian.org, 1117876-done@bugs.debian.org, 1117909-done@bugs.debian.org, 1118008-done@bugs.debian.org, 1118037-done@bugs.debian.org, 1118047-done@bugs.debian.org, 1118228-done@bugs.debian.org, 1118374-done@bugs.debian.org, 1118434-done@bugs.debian.org, 1118443-done@bugs.debian.org, 1118458-done@bugs.debian.org, 1118547-done@bugs.debian.org, 1118657-done@bugs.debian.org, 1118663-done@bugs.debian.org, 1118673-done@bugs.debian.org, 1118674-done@bugs.debian.org, 1118737-done@bugs.debian.org, 1119085-done@bugs.debian.org, 1119088-done@bugs.debian.org, 1119115-done@bugs.debian.org, 1119136-done@bugs.debian.org, 1119142-done@bugs.debian.org, 1119256-done@bugs.debian.org, 1119286-done@bugs.debian.org, 1119287-done@bugs.debian.org, 1119288-done@bugs.debian.org, 1119291-done@bugs.debian.org, 1119301-done@bugs.debian.org, 1119303-done@bugs.debian.org, 1119719-done@bugs.debian.org, 1119798-done@bugs.debian.org, 1119854-done@bugs.debian.org, 1119909-done@bugs.debian.org, 1120048-done@bugs.debian.org, 1120050-done@bugs.debian.org, 1120054-done@bugs.debian.org, 1120125-done@bugs.debian.org, 1120129-done@bugs.debian.org, 1120143-done@bugs.debian.org, 1120145-done@bugs.debian.org, 1120148-done@bugs.debian.org, 1120151-done@bugs.debian.org, 1120262-done@bugs.debian.org, 1120278-done@bugs.debian.org, 1120289-done@bugs.debian.org, 1120325-done@bugs.debian.org, 1120345-done@bugs.debian.org, 1120350-done@bugs.debian.org, 1120358-done@bugs.debian.org, 1120360-done@bugs.debian.org, 1120445-done@bugs.debian.org

Subject: Closing requests for updates included in 13.2

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 15 Nov 2025 11:21:45 +0000

Message-id: <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 13.2

Hi,

The updates referenced in each of these bugs were included in today's
13.2 trixie point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#1112479: marked as done (trixie-pu: package logcheck/1.4.5+deb13u1)
Next by Date: Bug#1113711: marked as done (trixie-pu: package libcommons-lang3-java/3.17.0-1+deb13u1)
Previous by thread: Bug#1112479: marked as done (trixie-pu: package logcheck/1.4.5+deb13u1)
Next by thread: Bug#1113711: marked as done (trixie-pu: package libcommons-lang3-java/3.17.0-1+deb13u1)
Index(es):
- Date
- Thread