MGASA-2017-0479

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0479.html

Import Source

https://advisories.mageia.org/MGASA-2017-0479.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0479

Related

CVE-2016-8674
CVE-2017-15587
CVE-2017-5896
CVE-2017-5991

Published

2017-12-31T12:00:06Z

Modified

2017-12-31T11:31:39Z

Summary

Updated mupdf packages fix security vulnerability

Details

Multiple vulnerabilities have been found in the PDF viewer MuPDF, which may result in denial of service or the execution of arbitrary code if a malformed PDF file is opened (CVE-2016-8674, CVE-2017-5896, CVE-2017-5991)

Terry Chia and Jeremy Heng discovered an integer overflow that can cause arbitrary code execution via a crafted .pdf file (CVE-2017-15587).

References

https://advisories.mageia.org/MGASA-2017-0479.html
https://bugs.mageia.org/show_bug.cgi?id=20310
https://www.debian.org/security/2017/dsa-3797
https://www.debian.org/security/2017/dsa-4006

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0479

Affected packages