Debian Wheezy DLA-1164-1 Moderate: MuPDF Denial Of Service Threat
debian lts
November 7, 2017
Two security issues were discovered in mupdf, a lightweight PDF viewer
Topics Covered
Summary
CVE-2017-14687
MuPDF allows attackers to cause a denial of service or possibly have
unspecified other impact via a crafted .xps file. This occurs because of mishandling of XML tag name comparisons.
CVE-2017-15587
An integer overflow was discovered in pdf_read_new_xref_section in
pdf/pdf-xref.c
For Debian 7 "Wheezy", these problems have been fixed in version
0.9-2+deb7u4.
We recommend that you upgrade your mupdf packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Package: mupdf
Version: 0.9-2+deb7u4
CVE ID: CVE-2017-14687 CVE-2017-15587
Debian Bug: 877379 879055
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!