Accepting request 1323155 from X11:common:Factory

OBS-URL: https://build.opensuse.org/request/show/1323155
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/poppler?expand=0&rev=221

poppler-25.09.1.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0c1091d01d3dd1664a13816861e812d02b29201e96665454b81b52d261fad658
-size 1980980

poppler-25.09.1.tar.xz.sig

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEyiYsbIPeTS+yijMqOmpNuDnqptcFAmi4qVQACgkQOmpNuDnq
-ptdMyhAAhGRDeBK/m0RX2Yv5lAKbYITg9ZvKiPV+1C4h/YPldD5txrnL27MrZLYF
-Iz5Xcn2S0TFt9cZ3HWZOEvBZiEKjPZ7qoCbgGBgz1CCjky8yt8W1MAhTTIGaz2dU
-q6K0UxFnGbi/gUW1voO1gAaM0DS8t33Z27XB+6UsTkYxt72tpD8B48KItgUODfEP
-nNfTxdxwNOM2vULIzdIUAQhpOmqmi9CJZcdUg6qpKbm0nixqLq603wKoPFK8Cq9B
-47apBbKK/9u4jLXLN639owXGGFerCNQNDcYHpZROWztQWlqJN7wfmyx/blFm1rX1
-BYbMrYsmf+S/J31DMlEVuwAftCL6BRW6p2nSeRzbozjW7uJkUuRjlxGxnGBIKVbu
-FuzP9h93OSEQxdZgEOXQ4szDzJ2zDEuqY2HKESaH+Id8VOgvAM1xsFwB5cqPL14v
-DQT7pygNrrd0vLF/jbvJU+bBS2KBVbX3wsGUTss8NzuRqQ41s+AnNeX/uTnAdX6t
-XmSH7LKTQ/fNkN2hSQ3RrpRON0+UOpFjb0rSAVvFJU+T7yA7liUa0G0szOfR6Z5T
-v9nInykc/9LBaL6eb78CLWUMRL0V/n8hbrFosFmd/VR7qF8uKf9mnuiTtMWgqH5N
-AY+8JvRSTJZU6SU3dtULfpetu8xmwAZt3dahjZYN8eV/bGof+Y4=
-=ji4F
------END PGP SIGNATURE-----

poppler-25.12.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c18b40eb36b1a0c5b86e29ca054bf0770304583da4f2cdd42fe86eca6a20de48
+size 1992456

poppler-25.12.0.tar.xz.sig

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEyiYsbIPeTS+yijMqOmpNuDnqptcFAmkt0igACgkQOmpNuDnq
+pteYrg/+LFVRQgGxS1hSnfcUlx3pPIlO8wYAAMyfokSPmpShOLoR6UgIK3VcN4/Q
+wHJC7rIjPzQupCbB7cf9KrCvW2E1ztiiDzN0d/YC4LLbhHnmD/LqSP1iWX+g/W+X
+bJPLI4/xqwWNOpj9rpVGkDlI1MMLFWXg148nYs5XOcbUofjo2bFzfZExCZmhOQfQ
+b29E50kRcEQ0tA8FxAlVq/Ap5H2o7T1j9eG4vDn6mWx/CIjAeAs/O3RU/5kaPTBt
+klTGnRXkfREw+13ehdHjT1an5hV4K+FiashkcM7UM6RYZEFlSZKaI8cw4tgS3P4d
+QPHmAFOXnnwyxdwocqD2wGddwTiFwpL478Cn9Njx0KUR1TnNJpMOW98gA8ohTsJQ
+VGcGnHgBgpTRC8aEu5MeJ9YHndvRTpcgG+oGbln3nnsHkoavSA2A52MhCdsR6HRJ
+mKk6Ch952/niI3BJsiD+0uyn8CoqQYrVTKnOFSPO5i5dHS/NKwUiVSe52spoR5m+
+fGVXJF+p3pkfE+TBavZnZq5SxCMzDyC87Jw2R2pRP/7DNaXNY69JyH1Hri9jtPAI
+r5hFzjb/GUaYOSyh9Qx/Widhz96UlaMDcd9hBGsqa7ekCqwWOzk3rv+iA0NtZV8U
+PTHqwqvhJ3u/0sX6hZLkut/SiOO/CfGIW/S6z/A336qxt4ptK1k=
+=cTzK
+-----END PGP SIGNATURE-----

poppler-CVE-2025-52885.patch

@@ -1,27 +0,0 @@
-From 4ce27cc826bf90cc8dbbd8a8c87bd913cccd7ec0 Mon Sep 17 00:00:00 2001
-From: Kevin Backhouse <kevinbackhouse@github.com>
-Date: Wed, 3 Sep 2025 14:36:54 +0100
-Subject: [PATCH] Check for duplicate entries
-
----
- poppler/StructTreeRoot.cc | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/poppler/StructTreeRoot.cc b/poppler/StructTreeRoot.cc
-index eb46147bd1..fc7bf4ceb0 100644
---- a/poppler/StructTreeRoot.cc
-+++ b/poppler/StructTreeRoot.cc
-@@ -136,6 +136,10 @@ void StructTreeRoot::parseNumberTreeNode(const Dict &node)
-                 }
-                 int keyVal = key.getInt();
-                 std::vector<Parent> &vec = parentTree[keyVal];
-+                if (!vec.empty()) {
-+                    error(errSyntaxError, -1, "Nums item at position {0:d} is a duplicate entry for key {1:d}", i, keyVal);
-+                    continue;
-+                }
- 
-                 Object valueArray = nums.arrayGet(i + 1);
-                 if (valueArray.isArray()) {
--- 
-GitLab
-

poppler.changes

@@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Tue Dec  9 14:12:46 UTC 2025 - Petr Gajdos <pgajdos@suse.com>
+
+- version update to 25.12.0:
+        core:
+         * Be less strict about the Page Annots object being correct. Issue #1641
+         * Fix rendering of some annotations. Issue #1642
+         * TextOuputDev: change default line ending to \n
+         * Splash: Performance improvements
+         * Ignore color operators when painting a Type3 font with d1
+         * Internal code improvements
+         * Fix crashes in malformed documents
+         * NSS Signatures: Tweak the logic that decides which firefox profile to use
+         * NSS Signatures: call PORT_GetError() only if the preceding CERT_PKIXVerifyCert() fails
+         * Splash: Performance improvements
+         * Fix crashes in malformed documents
+         * Fix image signature getting lost
+         * Don't embed substitutions for base14 fonts
+         * Form font improvements
+         * Handle signatures padded with random data
+         * Add feature to Ink annotation to render with multiply blend mode
+         * Internal code improvements
+         * Fix crashes in malformed documents
+        utils:
+         * pdfsig: specify search order for NSS certificate database on the man page
+        build system:
+         * Switch to C++23
+        glib:
+         * Fix ocsp check for signatures validation
+         * Fix warning when running glib-mkenums
+         * Fix signature text
+         * Add feature to Ink annotation to render with multiply blend mode
+        cpp:
+         * Added embedded_file::unicodeName function
+- fixes CVE-2025-11896 [bsc#1252337]
+        CVE-2025-52885 [bsc#1251940]
+  (removed poppler-CVE-2025-11896.patch and poppler-CVE-2025-52885.patch)
+
+-------------------------------------------------------------------
+Tue Dec  9 09:45:39 UTC 2025 - Petr Gajdos <pgajdos@suse.com>
+
+- security update
+- added patches
+  CVE-2025-11896 [bsc#1252337], infinite recursion leading to stack overflow due to object loop in PDF CMap
+  * poppler-CVE-2025-11896.patch
+
 -------------------------------------------------------------------
 Sat Nov 22 21:23:26 CET 2025 - Stanislav Brabec <sbrabec@suse.com>
 

poppler.spec

@@ -1,6 +1,7 @@
 #
 # spec file for package poppler
 #
+# Copyright (c) 2025 SUSE LLC
 # Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
@@ -24,7 +25,7 @@
 %endif
 # Actual version of poppler-data:
 %define poppler_data_version 0.4.11
-%define poppler_sover 153
+%define poppler_sover 155
 %define poppler_cpp_sover 2
 %define poppler_glib_sover 8
 %define poppler_qt5_sover 1
@@ -32,7 +33,7 @@
 %define poppler_api 0.18
 %define poppler_apipkg 0_18
 Name:           poppler%{?psuffix}
-Version:        25.09.1
+Version:        25.12.0
 Release:        0
 Summary:        PDF Rendering Library
 License:        GPL-2.0-only OR GPL-3.0-only
@@ -42,8 +43,6 @@ Source:         %{url}/%{sname}-%{version}.tar.xz
 Source1:        %{url}/%{sname}-%{version}.tar.xz.sig
 Source90:       poppler.keyring
 Source99:       baselibs.conf
-# CVE-2025-52885 [bsc#1251940], raw pointers can lead to dangling pointers when the vector is resized
-Patch0:         poppler-CVE-2025-52885.patch
 
 BuildRequires:  cmake >= 3.10
 BuildRequires:  gtk-doc