diff --git a/debian/changelog b/debian/changelog
index 893267174c13f4722cf5c1865f49fbb3ce7b852e..94165da1fadc295dd87137c675ea5f3ad2d955dc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+poppler (0.86.1-ok3) yangtze; urgency=medium
+
+ * CVE-2022-38784 安全更新:interger overflow in the JBIG2 decoder
+
+ -- censl <994002368@qq.com> Mon, 13 Feb 2023 22:59:18 +0800
+
 poppler (0.86.1-ok2) yangtze; urgency=medium
 
 * update version info
diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc
index a861da21453915d5cb4fb4c3a807ed1110974d99..3f6c26f70e915ddeb364daf1c91ba08531c2dab6 100644
--- a/poppler/JBIG2Stream.cc
+++ b/poppler/JBIG2Stream.cc
@@ -2099,7 +2099,11 @@ void JBIG2Stream::readTextRegionSeg(unsigned int segNum, bool imm,
 for (i = 0; i < nRefSegs; ++i) {
 if ((seg = findSegment(refSegs[i]))) {
 if (seg->getType() == jbig2SegSymbolDict) {
- numSyms += ((JBIG2SymbolDict *)seg)->getSize();
+ const unsigned int segSize = ((JBIG2SymbolDict *)seg)->getSize();
+ if (unlikely(checkedAdd(numSyms, segSize, &numSyms))) {
+ error(errSyntaxError, getPos(), "Too many symbols in JBIG2 text region");
+ return;
+ }
 } else if (seg->getType() == jbig2SegCodeTable) {
 codeTables->push_back(seg);
 }
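Review bot: The new `return;` in the overflow branch of readTextRegionSeg exits without releasing `codeTables`, which the context line `codeTables->push_back(seg);` shows is accessed through a pointer. If that vector is allocated with `new` earlier in the function (the allocation is outside this hunk, so this is inferred), every file that trips the check leaks it, leaving a small memory-exhaustion vector in place of the overflow on untrusted PDFs. I would add `delete codeTables;` immediately before `return;`, or follow whatever cleanup the function's other error exits already use. The function starts and ends outside the hunk, so it is also worth confirming that this backport target already provides `checkedAdd` and `unlikely` through the headers JBIG2Stream.cc includes.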