Debian Package Tracker
Register | Log in
Subscribe

pypdf

Pure-Python library built as a PDF toolkit (Python 3)

Choose email to subscribe with

general
  • source: pypdf (main)
  • version: 5.4.0-1
  • maintainer: Debian Python Team (DMD)
  • uploaders: Daniel Kahn Gillmor [DMD] – Scott Kitterman [DMD]
  • arch: all
  • std-ver: 4.7.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • oldstable: 3.4.1-1+deb12u1
  • stable: 5.4.0-1
  • testing: 5.4.0-1
  • unstable: 5.4.0-1
versioned links
  • 3.4.1-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 5.4.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • python3-pypdf
action needed
A new upstream version is available: 6.1.1 high
A new upstream version 6.1.1 is available, you should consider packaging it.
Created: 2025-05-12 Last update: 2025-10-18 21:03
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2025-55197: pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file.
Created: 2025-08-15 Last update: 2025-08-21 16:01
1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:
  • CVE-2025-55197: pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file.
Created: 2025-08-15 Last update: 2025-08-21 16:01
1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:
  • CVE-2025-55197: (needs triaging) pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-15 Last update: 2025-08-21 16:01
1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:
  • CVE-2025-55197: (needs triaging) pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-15 Last update: 2025-08-21 16:01
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).
Created: 2025-02-21 Last update: 2025-04-02 23:56
news
[rss feed]
  • [2025-04-10] pypdf 5.4.0-1 MIGRATED to testing (Debian testing watch)
  • [2025-04-02] Accepted pypdf 5.4.0-1 (source) into unstable (Santiago Ruano Rincón)
  • [2024-07-24] pypdf 4.3.1-1 MIGRATED to testing (Debian testing watch)
  • [2024-07-22] Accepted pypdf 4.3.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-04-11] pypdf 4.2.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-04-09] Accepted pypdf 4.2.0-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-03-18] pypdf 4.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-03-08] Accepted pypdf 4.1.0-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-02-26] Accepted pypdf 3.4.1-1~bpo11+1 (source all) into bullseye-backports (Debian FTP Masters) (signed by: bage@debian.org)
  • [2024-02-23] pypdf 4.0.2-1 MIGRATED to testing (Debian testing watch)
  • [2024-02-21] Accepted pypdf 4.0.2-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-02-06] pypdf 4.0.1-1 MIGRATED to testing (Debian testing watch)
  • [2024-02-01] Accepted pypdf 4.0.1-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-01-27] pypdf 4.0.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-01-23] Accepted pypdf 4.0.0-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-01-20] Accepted pypdf 3.4.1-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Donald Scott Kitterman)
  • [2024-01-19] Accepted pypdf 4.0.0-1~exp1 (source) into experimental (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2024-01-17] pypdf 3.17.4-1 MIGRATED to testing (Debian testing watch)
  • [2024-01-14] Accepted pypdf 3.17.4-1 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
  • [2023-02-25] pypdf 3.4.1-1 MIGRATED to testing (Debian testing watch)
  • [2023-02-14] Accepted pypdf 3.4.1-1 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
  • [2023-01-29] pypdf 3.3.0-3 MIGRATED to testing (Debian testing watch)
  • [2023-01-26] Accepted pypdf 3.3.0-3 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
  • [2023-01-26] Accepted pypdf 3.3.0-2 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
  • [2023-01-23] Accepted pypdf 3.3.0-1 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
  • [2023-01-20] Accepted pypdf 3.2.1-1 (source all) into unstable (Debian FTP Masters) (signed by: dkg@debian.org)
bugs [bug history graph]
  • all: 1
  • RC: 0
  • I&N: 1
  • M&W: 0
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 5.4.0-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing