Debian 10026 Published by

A poppler security update has been released for Debian GNU/Linux 10 LTS to address two vulnerabilities.

[SECURITY] [DLA 3528-1] poppler security update

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3528-1 Adrian Bunk
August 14, 2023
- -------------------------------------------------------------------------

Package : poppler
Version : 0.71.0-5+deb10u2
CVE ID : CVE-2020-36023 CVE-2020-36024

Two vulnerabilities have been fixed in poppler,
a PDF rendering library.


Infinite loop in FoFiType1C::cvtGlyph()


NULL dereference in FoFiType1C::convertToType1()

For Debian 10 buster, these problems have been fixed in version

We recommend that you upgrade your poppler packages.

For the detailed security status of poppler please refer to
its security tracker page at:

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: