diff --git a/debian/changelog b/debian/changelog
index 1d4653186a5892d35d973924eb545faccef460b2..e5a81f75c660d59779ff12fe430111b8e5199468 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+poppler (0.86.1-ok5) yangtze; urgency=medium
+
+  * CVE-2022-37050 安全更新: Check XRef's Catalog for being a Dict
+
+ -- kingbridges <kingbridgess@sina.com>  Mon, 18 Dec 2023 10:33:05 +0800
+
 poppler (0.86.1-ok4) yangtze; urgency=medium
 
   * Update package info.
diff --git a/poppler/PDFDoc.cc b/poppler/PDFDoc.cc
index f534ce7aac066e09fab8c474bb116e57c7921bed..ce11a53f82e2eabddb055ea3d0b1d28c8b6efa3e 100644
--- a/poppler/PDFDoc.cc
+++ b/poppler/PDFDoc.cc
@@ -937,6 +937,10 @@ int PDFDoc::savePageAs(const GooString *name, int pageNo)
   
   // get and mark output intents etc.
   Object catObj = getXRef()->getCatalog();
+  if (!catObj.isDict()) {
+    error(errSyntaxError, -1, "XRef's Catelog is not a dictionary");
+    return errOpenFile;
+  }
   Dict *catDict = catObj.getDict();
   Object pagesObj = catDict->lookup("Pages");
   Object afObj = catDict->lookupNF("AcroForm").copy();