Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#50590 - [mupdf] Heap overflow, CVE-2016-6525
Attached to Project:
Community Packages
Opened by Santiago Torres (sangy) - Tuesday, 30 August 2016, 15:50 GMT
Last edited by Christian Hesse (eworm) - Tuesday, 30 August 2016, 20:28 GMT
Opened by Santiago Torres (sangy) - Tuesday, 30 August 2016, 15:50 GMT
Last edited by Christian Hesse (eworm) - Tuesday, 30 August 2016, 20:28 GMT
|
DetailsDescription: MuPDF is vulnerable to CVE-2016-6525
Additional info: There is no upstream release to fix this, but there's a Debian backported patch here: https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=833417;filename=mupdf-1.9a%2Bds1-1.2-nmu.diff;msg=10 We can read more about this here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833417 Thanks, -Santiago. |
This task depends upon
Closed by Christian Hesse (eworm)
Tuesday, 30 August 2016, 20:28 GMT
Reason for closing: Fixed
Additional comments about closing: mupdf 1.9_a-5
Tuesday, 30 August 2016, 20:28 GMT
Reason for closing: Fixed
Additional comments about closing: mupdf 1.9_a-5