Information on source package mupdf

Available versions

ReleaseVersion
wheezy0.9-2+deb7u2
wheezy (security)0.9-2+deb7u4
jessie (security)1.5-1+deb8u3
stretch (security)1.9a+ds1-4+deb9u2
buster1.11+ds1-2
sid1.11+ds1-2

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2018-5686vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableIn MuPDF 1.12.0, there is an infinite loop vulnerability and ...
CVE-2017-17866vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablepdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain ...
CVE-2017-14687fixedvulnerable (no DSA)fixedfixedfixedArtifex MuPDF 1.11 allows attackers to cause a denial of service or ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-6060fixedvulnerablevulnerablevulnerablevulnerableStack-based buffer overflow in jstest_main.c in mujstest in Artifex ...
CVE-2016-10247fixedvulnerablevulnerablevulnerablevulnerableBuffer overflow in the my_getline function in jstest_main.c in ...
CVE-2016-10246fixedvulnerablevulnerablevulnerablevulnerableBuffer overflow in the main function in jstest_main.c in Mujstest in ...

Resolved issues

BugDescription
CVE-2017-7264Use-after-free vulnerability in the fz_subsample_pixmap function in ...
CVE-2017-5991An issue was discovered in Artifex Software, Inc. MuPDF before ...
CVE-2017-5896Heap-based buffer overflow in the fz_subsample_pixmap function in ...
CVE-2017-15587An integer overflow was discovered in pdf_read_new_xref_section in ...
CVE-2017-15369The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF ...
CVE-2017-14686Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause ...
CVE-2017-14685Artifex MuPDF 1.11 allows attackers to cause a denial of service or ...
CVE-2016-8728
CVE-2016-8674The pdf_to_num function in pdf-object.c in MuPDF before 1.10 allows ...
CVE-2016-6525Heap-based buffer overflow in the pdf_load_mesh_params function in ...
CVE-2016-6265Use-after-free vulnerability in the pdf_load_xref function in ...
CVE-2016-10221The count_entries function in pdf-layer.c in Artifex Software, Inc. ...
CVE-2014-2013Stack-based buffer overflow in the xps_parse_color function in ...

Security announcements

DSA / DLADescription
DSA-4006-2mupdf - security update
DSA-4006-2mupdf - security update
DLA-1164-1mupdf - security update
DSA-4006-1mupdf - security update
DSA-3797-1mupdf - security update
DSA-3655-1mupdf - security update
DLA-589-1mupdf - security update
DSA-2951-1mupdf - security update

Search for package or bug name: Reporting problems