Security update for mupdf SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:3064-1 Final 1 1 2017-11-23T17:32:28Z current 2017-11-23T17:32:28Z 2017-11-23T17:32:28Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mupdf This update for mupdf fixes the following issues: Security issues fixed: - CVE-2017-7976: integer overflow (jbig2_image_compose function in jbig2_image.c) during operations on a crafted .jb2 file (boo#1052029). - CVE-2016-10221: count_entries in pdf-layer.c allows for DoS (boo#1032140). - CVE-2016-8728: Fitz library font glyph scaling Code Execution Vulnerability (boo#1039850). Bug fixes: - Update to version 1.11 * This is primarily a bug fix release. * PDF portfolio support with command line tool 'mutool portfolio'. * Add callbacks to load fallback fonts from the system. * Use system fonts in Android to reduce install size. * Flag to disable publisher styles in EPUB layout. * Improved SVG output. - Add reproducible.patch to sort input files to make build reproducible (boo#1041090) - mupdf is not a terminal app (boo#1036637) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-11/msg00068.html E-Mail link for openSUSE-SU-2017:3064-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 mupdf-1.11-16.1 mupdf-devel-static-1.11-16.1 mupdf-1.11-16.1 as a component of openSUSE Leap 42.2 mupdf-devel-static-1.11-16.1 as a component of openSUSE Leap 42.2 mupdf-1.11-16.1 as a component of openSUSE Leap 42.3 mupdf-devel-static-1.11-16.1 as a component of openSUSE Leap 42.3 The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document. CVE-2016-10221 openSUSE Leap 42.2:mupdf-1.11-16.1 openSUSE Leap 42.2:mupdf-devel-static-1.11-16.1 openSUSE Leap 42.3:mupdf-1.11-16.1 openSUSE Leap 42.3:mupdf-devel-static-1.11-16.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-11/msg00068.html https://www.suse.com/security/cve/CVE-2016-10221.html CVE-2016-10221 https://bugzilla.suse.com/1032140 SUSE Bug 1032140 An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victim needs to open the specially crafted file in a vulnerable reader in order to trigger this vulnerability. CVE-2016-8728 openSUSE Leap 42.2:mupdf-1.11-16.1 openSUSE Leap 42.2:mupdf-devel-static-1.11-16.1 openSUSE Leap 42.3:mupdf-1.11-16.1 openSUSE Leap 42.3:mupdf-devel-static-1.11-16.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-11/msg00068.html https://www.suse.com/security/cve/CVE-2016-8728.html CVE-2016-8728 https://bugzilla.suse.com/1039850 SUSE Bug 1039850 An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the victim to trigger this vulnerability. CVE-2016-8729 openSUSE Leap 42.2:mupdf-1.11-16.1 openSUSE Leap 42.2:mupdf-devel-static-1.11-16.1 openSUSE Leap 42.3:mupdf-1.11-16.1 openSUSE Leap 42.3:mupdf-devel-static-1.11-16.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-11/msg00068.html https://www.suse.com/security/cve/CVE-2016-8729.html CVE-2016-8729 https://bugzilla.suse.com/1039931 SUSE Bug 1039931 Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory. CVE-2017-7976 openSUSE Leap 42.2:mupdf-1.11-16.1 openSUSE Leap 42.2:mupdf-devel-static-1.11-16.1 openSUSE Leap 42.3:mupdf-1.11-16.1 openSUSE Leap 42.3:mupdf-devel-static-1.11-16.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-11/msg00068.html https://www.suse.com/security/cve/CVE-2017-7976.html CVE-2017-7976 https://bugzilla.suse.com/1035032 SUSE Bug 1035032 https://bugzilla.suse.com/1052029 SUSE Bug 1052029