Version in base suite: 25.03.0-5 Base version: poppler_25.03.0-5 Target version: poppler_25.03.0-5+deb13u2 Base file: /srv/ftp-master.debian.org/ftp/pool/main/p/poppler/poppler_25.03.0-5.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/p/poppler/poppler_25.03.0-5+deb13u2.dsc changelog | 10 ++++++++++ gbp.conf | 2 +- patches/CVE-2025-50420.patch | 34 ++++++++++++++++++++++++++++++++++ patches/series | 1 + 4 files changed, 46 insertions(+), 1 deletion(-)
diff -Nru poppler-25.03.0/debian/changelog poppler-25.03.0/debian/changelog
--- poppler-25.03.0/debian/changelog 2025-07-28 08:55:12.000000000 +0000
+++ poppler-25.03.0/debian/changelog 2025-08-31 18:01:36.000000000 +0000
@@ -1,3 +1,13 @@
+poppler (25.03.0-5+deb13u2) trixie; urgency=high
+
+ [ Leonidas Da Silva Barbosa ]
+ * SECURITY UPDATE: Denial of service
+ - debian/patches/CVE-2025-50420.patch: don't continue
+ recursing in PDFDoc in poppler/PDFDoc.cc.
+ - CVE-2025-50420 (Closes: #1110463)
+
+ -- Jeremy BĂ­cha Sun, 31 Aug 2025 14:01:36 -0400
+
 poppler (25.03.0-5) unstable; urgency=high
 
 [ Marc Deslauriers ]
diff -Nru poppler-25.03.0/debian/gbp.conf poppler-25.03.0/debian/gbp.conf
--- poppler-25.03.0/debian/gbp.conf 2025-07-28 08:55:12.000000000 +0000
+++ poppler-25.03.0/debian/gbp.conf 2025-08-31 18:01:36.000000000 +0000
@@ -1,3 +1,3 @@
 [DEFAULT]
-debian-branch = master
+debian-branch = trixie
 pristine-tar = false
diff -Nru poppler-25.03.0/debian/patches/CVE-2025-50420.patch poppler-25.03.0/debian/patches/CVE-2025-50420.patch
--- poppler-25.03.0/debian/patches/CVE-2025-50420.patch 1970-01-01 00:00:00.000000000 +0000
+++ poppler-25.03.0/debian/patches/CVE-2025-50420.patch 2025-08-31 18:01:36.000000000 +0000
@@ -0,0 +1,34 @@
+From 08d7894e4dd0e313c179e30f06ad8f546619b1b3 Mon Sep 17 00:00:00 2001
+From: Sune Vuorela
+Date: Tue, 29 Jul 2025 14:14:00 +0200
+Subject: [PATCH] Fix crash in pdfseparate
+
+Don't continue recursing in PDFDoc::mark* if things looks a bit weirder
+than expected
+---
+ poppler/PDFDoc.cc | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/poppler/PDFDoc.cc b/poppler/PDFDoc.cc
+index 0b0b3215cb..0cfb273884 100644
+--- a/poppler/PDFDoc.cc
++++ b/poppler/PDFDoc.cc
+@@ -1857,6 +1857,15 @@ bool PDFDoc::markAnnotations(Object *annotsObj, XRef *xRef, XRef *countRef, unsi
+ if (obj1.isDict()) {
+ Dict *dict = obj1.getDict();
+ Object type = dict->lookup("Type");
++ if (type.isNull()) {
++ Object subType = dict->lookup("SubType");
++ // Type is optional, subtype is required
++ // If neither of them exists, something is probably
++ // weird here, so let us just skip this entry
++ if (subType.isNull()) {
++ continue;
++ }
++ }
+ if (type.isName() && strcmp(type.getName(), "Annot") == 0) {
+ const Object &obj2 = dict->lookupNF("P");
+ if (obj2.isRef()) {
+--
+GitLab
+
diff -Nru poppler-25.03.0/debian/patches/series poppler-25.03.0/debian/patches/series
--- poppler-25.03.0/debian/patches/series 2025-07-28 08:55:12.000000000 +0000
+++ poppler-25.03.0/debian/patches/series 2025-08-31 18:01:36.000000000 +0000
@@ -2,3 +2,4 @@
 CVE-2025-32365.patch
 CVE-2025-43903.patch
 CVE-2025-52886.patch
+CVE-2025-50420.patch
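Review bot: The guard added to `PDFDoc::markAnnotations` in debian/patches/CVE-2025-50420.patch looks up `"SubType"`, but the annotation dictionary key defined by the PDF specification is `Subtype`, and PDF names are case-sensitive. As written, a dictionary that omits the optional `Type` but carries a valid `Subtype` would presumably also hit `continue`, so the skip is broader than the comment describes and well-formed annotations may be left unprocessed when pages are extracted. I would change the lookup to `Object subType = dict->lookup("Subtype");` and add regression inputs for both cases (neither key present, and `Subtype` only). The function body and its enclosing loop begin and end outside the hunk, so what `continue` bypasses for a skipped entry should be confirmed against the full source.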