cupsfilters/image-tiff.c | 46 45 + 1 - 0 !
1 file changed, 45 insertions(+), 1 deletion(-)

 [patch] merge commit from fork

* Fix heap-buffer overflow write in cfImageLut

1. fix for CVE-2025-57812

* Reject color images with 1 bit per sample

2. fix for CVE-2025-57812

* Reject images where the number of samples does not correspond with the color space

3. fix for CVE-2025-57812

* Reject images with planar color configuration

4. fix for CVE-2025-57812

* Reject images with vertical scanlines

5.  fix for CVE-2025-57812

cupsfilters/pdftoraster.cxx | 14 14 + 0 - 0 !
1 file changed, 14 insertions(+)

 [patch] fix out-of-bounds write in cffilterpdftoraster()

PDFs with too large page dimensions could cause an integer overflow and then a too small buffer for the pixel line to be allocated.

Fixed this by cropping the page size to the maximum allowed by the standard, 14400x14400pt, 200x200in, 5x5m

https://community.adobe.com/t5/indesign-discussions/maximum-width-of-a-pdf/td-p/9217372

Fixes CVE-2025-64503