| Release | Version |
|---|---|
| jessie | 3.14.1-2+deb8u2 |
| jessie (security) | 3.14.1-2+deb8u3 |
| stretch (security) | 3.22.1-3+deb9u1 |
| buster | 3.30.2-3 |
| bullseye | 3.34.1-1 |
| sid | 3.34.1-1 |
| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-1010006 | fixed | vulnerable | fixed | fixed | fixed | Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Pos ... |
| CVE-2017-1000159 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | Command injection in evince via filename when printing to PDF. This af ... |
| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-11459 | fixed | vulnerable | vulnerable | fixed | fixed | The tiff_document_render() and tiff_document_get_thumbnail() functions ... |
| Bug | Description |
|---|---|
| TEMP-0612668-CE1EF5 | evince segfault |
| CVE-2017-1000083 | backend/comics/comics-document.c (aka the comic book backend) in GNOME ... |
| CVE-2013-3718 | evince missing check on number of pages |
| CVE-2011-5244 | Multiple off-by-one errors in the (1) token and (2) linetoken function ... |
| CVE-2011-0433 | Heap-based buffer overflow in the linetoken function in afmparse.c in ... |
| CVE-2010-2643 | Integer overflow in the TFM font parser in the dvi-backend component i ... |
| CVE-2010-2642 | Heap-based buffer overflow in the AFM font parser in the dvi-backend c ... |
| CVE-2010-2641 | Array index error in the VF font parser in the dvi-backend component i ... |
| CVE-2010-2640 | Array index error in the PK font parser in the dvi-backend component i ... |
| CVE-2006-5864 | Stack-based buffer overflow in the ps_gettext function in ps.c for GNU ... |
| DSA / DLA | Description |
|---|---|
| DLA-1881-1 | evince - security update |
| DLA-1204-1 | evince - security update |
| DLA-1031-1 | evince - security update |
| DSA-3911-1 | evince - security update |
| DSA-3911-1 | evince - security update |
| DSA-2357-1 | evince - several |
| DSA-1243-1 | evince |