Security update for mupdf SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0504-1 Final 1 1 2017-02-18T10:05:00Z current 2017-02-18T10:05:00Z 2017-02-18T10:05:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mupdf This update for mupdf fixes the following vulnerabilities: - CVE-2017-5627: Integer overflow in the mujs implementation (boo#1022503) - CVE-2017-5628: Integer overflow in the mujs implementation (boo#1022504) - CVE-2017-5896: heap overflow (boo#1023761, boo#1024679) - NULL pointer dereference in dodrawpage (boo#1023760) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-02/msg00084.html E-Mail link for openSUSE-SU-2017:0504-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 mupdf-1.10a-11.2 mupdf-devel-static-1.10a-11.2 mupdf-1.10a-11.2 as a component of openSUSE Leap 42.1 mupdf-devel-static-1.10a-11.2 as a component of openSUSE Leap 42.1 mupdf-1.10a-11.2 as a component of openSUSE Leap 42.2 mupdf-devel-static-1.10a-11.2 as a component of openSUSE Leap 42.2 An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file. CVE-2017-5627 openSUSE Leap 42.1:mupdf-1.10a-11.2 openSUSE Leap 42.1:mupdf-devel-static-1.10a-11.2 openSUSE Leap 42.2:mupdf-1.10a-11.2 openSUSE Leap 42.2:mupdf-devel-static-1.10a-11.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00084.html https://www.suse.com/security/cve/CVE-2017-5627.html CVE-2017-5627 https://bugzilla.suse.com/1022503 SUSE Bug 1022503 An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. CVE-2017-5628 openSUSE Leap 42.1:mupdf-1.10a-11.2 openSUSE Leap 42.1:mupdf-devel-static-1.10a-11.2 openSUSE Leap 42.2:mupdf-1.10a-11.2 openSUSE Leap 42.2:mupdf-devel-static-1.10a-11.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00084.html https://www.suse.com/security/cve/CVE-2017-5628.html CVE-2017-5628 https://bugzilla.suse.com/1022504 SUSE Bug 1022504 Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. CVE-2017-5896 openSUSE Leap 42.1:mupdf-1.10a-11.2 openSUSE Leap 42.1:mupdf-devel-static-1.10a-11.2 openSUSE Leap 42.2:mupdf-1.10a-11.2 openSUSE Leap 42.2:mupdf-devel-static-1.10a-11.2 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00084.html https://www.suse.com/security/cve/CVE-2017-5896.html CVE-2017-5896 https://bugzilla.suse.com/1023761 SUSE Bug 1023761 https://bugzilla.suse.com/1024679 SUSE Bug 1024679 https://bugzilla.suse.com/1031053 SUSE Bug 1031053