Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:27725 - Security Advisory
Issued:
2026-06-22
Updated:
2026-06-22

RHSA-2026:27725 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: poppler security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for poppler is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

Security Fix(es):

  • poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication (CVE-2026-10118)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64

Fixes

  • BZ - 2460428 - CVE-2026-10118 poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

CVEs

  • CVE-2026-10118

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.6

SRPM
poppler-20.11.0-5.el8_6.1.src.rpm SHA-256: dde71d68d83585fa4569492d6f39a750f07c7ea2c29afa485e16b1111aec1e23
x86_64
poppler-20.11.0-5.el8_6.1.i686.rpm SHA-256: 50a6e311501b1d375e64d848efa3768725c022ddf43cd4b7b533b81cb3a9431d
poppler-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: 14820b79355d6eccf2f0ef82af843d3b6b385251beceb056b816b28dd16204b7
poppler-cpp-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 78c5be1aa8b5c3878385fbee13a609ebaeb6a6fecf4b51b342e80341db097d47
poppler-cpp-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: d1e5b41738138f41893df317667d94d5b00d45c5c3160354b103d7357bfe49e2
poppler-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: b8e7043a730cd891d21385c2e29898a1de68d9bded340a9044015a34639165f7
poppler-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: e898232442c19f15bc86fa014f510e20ff3c77470ff900ec7b289052d2183e0f
poppler-debugsource-20.11.0-5.el8_6.1.i686.rpm SHA-256: c9b644562acca754ca10178edad38990173452e76d478e17853fd38008f44f27
poppler-debugsource-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: c62c194eb9fd2eceaeb9b43ac3c76a79be5acf632b57da39b50d2a7e771d3d0c
poppler-glib-20.11.0-5.el8_6.1.i686.rpm SHA-256: 2e5a4af5d1e7af3bbd52c075631fd692e1b1c36b84e96af6e572e4701b552e56
poppler-glib-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: d8ff07e07c906841be1b4b25d4111488dc587060689baee215b75d7f7797561c
poppler-glib-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 636aec42ce491ecc7c7ec27d2de1688c79b37ec4f8d1fb72d952f7468bbf4a3f
poppler-glib-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: db10c7080d0c7cf258722d4fb17d80d842ae567fc957be13e35e5ccc905b3b55
poppler-qt5-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 68fd1f8d0f9b595b84d6fc23990b908fa21e2a6bddda3afa3f8bcb298c12fdcb
poppler-qt5-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: c3ec7d21efdddc4912b8df4029bc7ccbc7d2b1dda986db64287759a6cb772188
poppler-utils-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: a5b8e93869a60430b4e09e5a5ad6cc6cf37c5abb8acf244619973a841fe6dadb
poppler-utils-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 555143b27017a265320afbcb12dad15ab69e4ef8b4c8ae8353abfa34ef2387fc
poppler-utils-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: a92c65c654f8797c317657d77f9b52562802582b0975f74f8d88532bcd9df019

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
poppler-20.11.0-5.el8_6.1.src.rpm SHA-256: dde71d68d83585fa4569492d6f39a750f07c7ea2c29afa485e16b1111aec1e23
x86_64
poppler-20.11.0-5.el8_6.1.i686.rpm SHA-256: 50a6e311501b1d375e64d848efa3768725c022ddf43cd4b7b533b81cb3a9431d
poppler-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: 14820b79355d6eccf2f0ef82af843d3b6b385251beceb056b816b28dd16204b7
poppler-cpp-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 78c5be1aa8b5c3878385fbee13a609ebaeb6a6fecf4b51b342e80341db097d47
poppler-cpp-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: d1e5b41738138f41893df317667d94d5b00d45c5c3160354b103d7357bfe49e2
poppler-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: b8e7043a730cd891d21385c2e29898a1de68d9bded340a9044015a34639165f7
poppler-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: e898232442c19f15bc86fa014f510e20ff3c77470ff900ec7b289052d2183e0f
poppler-debugsource-20.11.0-5.el8_6.1.i686.rpm SHA-256: c9b644562acca754ca10178edad38990173452e76d478e17853fd38008f44f27
poppler-debugsource-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: c62c194eb9fd2eceaeb9b43ac3c76a79be5acf632b57da39b50d2a7e771d3d0c
poppler-glib-20.11.0-5.el8_6.1.i686.rpm SHA-256: 2e5a4af5d1e7af3bbd52c075631fd692e1b1c36b84e96af6e572e4701b552e56
poppler-glib-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: d8ff07e07c906841be1b4b25d4111488dc587060689baee215b75d7f7797561c
poppler-glib-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 636aec42ce491ecc7c7ec27d2de1688c79b37ec4f8d1fb72d952f7468bbf4a3f
poppler-glib-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: db10c7080d0c7cf258722d4fb17d80d842ae567fc957be13e35e5ccc905b3b55
poppler-qt5-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 68fd1f8d0f9b595b84d6fc23990b908fa21e2a6bddda3afa3f8bcb298c12fdcb
poppler-qt5-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: c3ec7d21efdddc4912b8df4029bc7ccbc7d2b1dda986db64287759a6cb772188
poppler-utils-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: a5b8e93869a60430b4e09e5a5ad6cc6cf37c5abb8acf244619973a841fe6dadb
poppler-utils-debuginfo-20.11.0-5.el8_6.1.i686.rpm SHA-256: 555143b27017a265320afbcb12dad15ab69e4ef8b4c8ae8353abfa34ef2387fc
poppler-utils-debuginfo-20.11.0-5.el8_6.1.x86_64.rpm SHA-256: a92c65c654f8797c317657d77f9b52562802582b0975f74f8d88532bcd9df019

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility