Information on source package mupdf

Available versions

ReleaseVersion
jessie (security)1.5-1+deb8u4
stretch1.9a+ds1-4+deb9u2
stretch (security)1.9a+ds1-4+deb9u3
buster1.13.0+ds1-1
sid1.13.0+ds1-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-6192vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn Artifex MuPDF 1.12.0, the pdf_read_new_xref function in ...
CVE-2018-6187vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn Artifex MuPDF 1.12.0, there is a heap-based buffer overflow ...
CVE-2018-5686vulnerable (no DSA)vulnerable (no DSA)fixedfixedIn MuPDF 1.12.0, there is an infinite loop vulnerability and ...
CVE-2018-1000040vulnerablevulnerablefixedfixedIn MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs ...
CVE-2018-1000039vulnerablevulnerablefixedfixedIn MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the ...
CVE-2018-1000038vulnerablevulnerablefixedfixedIn MuPDF 1.12.0 and earlier, a stack buffer overflow in function ...
CVE-2018-1000037vulnerablevulnerablefixedfixedIn MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF ...
CVE-2017-17866vulnerable (no DSA)vulnerable (no DSA)fixedfixedpdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain ...
CVE-2017-14687vulnerable (no DSA)fixedfixedfixedArtifex MuPDF 1.11 allows attackers to cause a denial of service or ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2018-10289fixedvulnerablevulnerablevulnerableIn MuPDF 1.13.0, there is an infinite loop in the fz_skip_space ...
CVE-2018-1000036vulnerablevulnerablevulnerablevulnerableIn MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser ...
CVE-2017-6060vulnerablevulnerablevulnerablevulnerableStack-based buffer overflow in jstest_main.c in mujstest in Artifex ...
CVE-2016-10247vulnerablevulnerablevulnerablevulnerableBuffer overflow in the my_getline function in jstest_main.c in ...
CVE-2016-10246vulnerablevulnerablevulnerablevulnerableBuffer overflow in the main function in jstest_main.c in Mujstest in ...

Resolved issues

BugDescription
CVE-2018-6544pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could ...
CVE-2018-1000051Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability ...
CVE-2017-7264Use-after-free vulnerability in the fz_subsample_pixmap function in ...
CVE-2017-5991An issue was discovered in Artifex Software, Inc. MuPDF before ...
CVE-2017-5896Heap-based buffer overflow in the fz_subsample_pixmap function in ...
CVE-2017-17858Heap-based buffer overflow in the ensure_solid_xref function in ...
CVE-2017-15587An integer overflow was discovered in pdf_read_new_xref_section in ...
CVE-2017-15369The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF ...
CVE-2017-14686Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause ...
CVE-2017-14685Artifex MuPDF 1.11 allows attackers to cause a denial of service or ...
CVE-2016-8728An exploitable heap out of bounds write vulnerability exists in the ...
CVE-2016-8674The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows ...
CVE-2016-6525Heap-based buffer overflow in the pdf_load_mesh_params function in ...
CVE-2016-6265Use-after-free vulnerability in the pdf_load_xref function in ...
CVE-2016-10221The count_entries function in pdf-layer.c in Artifex Software, Inc. ...
CVE-2014-2013Stack-based buffer overflow in the xps_parse_color function in ...

Security announcements

DSA / DLADescription
DSA-4152-1mupdf - security update
DSA-4152-1mupdf - security update
DSA-4006-2mupdf - security update
DSA-4006-2mupdf - security update
DLA-1164-1mupdf - security update
DSA-4006-1mupdf - security update
DSA-3797-1mupdf - security update
DSA-3655-1mupdf - security update
DLA-589-1mupdf - security update
DSA-2951-1mupdf - security update

Search for package or bug name: Reporting problems