Fedora 39: FEDORA-2024-891c09df97 Critical: Djvulibre Buffer Overflow
fedora
May 16, 2024
Security fix for CVE-2021-46310 and CVE-2021-46312.
Summary
DjVu is a web-centric format and software platform for distributing documents
and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for
distributing scanned documents, digital documents, or high-resolution pictures.
DjVu content downloads faster, displays and renders faster, looks nicer on a
screen, and consume less client resources than competing formats. DjVu images
display instantly and can be smoothly zoomed and panned with no lengthy
re-rendering.
DjVuLibre is a free (GPL'ed) implementation of DjVu, including viewers,
decoders, simple encoders, and utilities. The browser plugin is in its own
separate sub-package.
Update Information:
Security fix for CVE-2021-46310 and CVE-2021-46312.
Topics Covered
Change Log
* Tue May 7 2024 Marek Kasik
References
[ 1 ] Bug #2234736 - CVE-2021-46312 djvulibre: divide by zero in IW44EncodeCodec.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=2234736
[ 2 ] Bug #2234739 - CVE-2021-46310 djvulibre: divide by zero in IW44Image.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=2234739
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-891c09df97' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: djvulibre
Product: Fedora 39
Version: 3.5.28
Release: 7.fc39
URL:
Summary: DjVu viewers, encoders, and utilities
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!