Bug#1127146: libpoppler147: Invalid signature time when signing a PDF
Robert
tehnic at take3.ro
Fri Feb 6 13:08:22 GMT 2026
Package: libpoppler147
Version: 25.03.0-5+deb13u2
Severity: normal
Dear Maintainer,
due to a small format problem in the "signing time" the generated signed PDF
cannot be verified as a fully correct QESig signature.
Upstream already fixed this with an one line patch:
https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1824
Please consider to integrate patch, maybe even in next minor stable version.
Best regards,
Robert
-- System Information:
Debian Release: 13.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.12.63+deb13-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_USER, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ro_RO.UTF-8, LC_CTYPE=ro_RO.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libpoppler147 depends on:
ii libc6 2.41-12+deb13u1
ii libcurl3t64-gnutls 8.14.1-2+deb13u2
ii libfontconfig1 2.15.0-2.3
ii libfreetype6 2.13.3+dfsg-1
ii libgpgmepp6t64 1.24.2-3
ii libjpeg62-turbo 1:2.1.5-4
ii liblcms2-2 2.16-2
ii libnspr4 2:4.36-1
ii libnss3 2:3.110-1
ii libopenjp2-7 2.5.3-2.1~deb13u1
ii libpng16-16t64 1.6.48-1+deb13u1
ii libstdc++6 14.2.0-19
ii libtiff6 4.7.0-3+deb13u1
ii zlib1g 1:1.3.dfsg+really1.3.1-1+b1
Versions of packages libpoppler147 recommends:
ii poppler-data 0.4.12-1
Versions of packages libpoppler147 suggests:
ii gpgsm 2.4.7-21+deb13u1+b1
-- no debconf information
More information about the Pkg-freedesktop-maintainers
mailing list