Updated poppler packages fix security vulnerabilitiy
Publication date: 05 May 2025Modification date: 05 May 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-43903
Description
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries. (CVE-2025-43903)
References
SRPMS
9/core
- poppler-23.02.0-1.6.mga9