-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : mupdf Version : 0.9-2+deb7u3 CVE ID : CVE-2016-6525 Debian Bug : 833417
A flaw was discovered in the pdf_load_mesh_params() function allowing out-of-bounds write access to memory locations. With carefully crafted input, that could trigger a heap overflow, resulting in application crash or possibly having other unspecified impact. For Debian 7 "Wheezy", these problems have been fixed in version 0.9-2+deb7u3. We recommend that you upgrade your mupdf packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXqGIYAAoJEBvzc5c7ZRqnuREP/R6L6QMe/WDWjVZmRpm/bB2p dERyIwxrMSUe57V+cyYru1nVZ6uAvDGfGEsJz9IL1aNQc4EZGw9MA6GXQiynFnS+ wQtPNGEuLLXyA7lgH9A4DrCeiEFthNLADXe87GXqgflqY8+oyrGnDs2qjh6/dIzq 3Wh8a8FyYdM6zKgW77zrQFRrNGa4R2OD9wBhUNUFRdgR7BYdMrF3nw7llwGOC/Qj /iW5Xuh++B7a1pEOscZ36hUnlav/8Trj4hliyg8c3C8hD38wojKjwdSguT42lh1U nsgG8TvtEAQ9dEH7jC6J108MCgWLXYZ8iZ0FqwKZ6RpreBjjLB6vhQPDVcy8uESB L5B/B/yFoaI3vJwhTR7WK9IHL/8LiQ4AhJeoHp4Wqtrrx9Hvu2QIu2Hft8usrQlx cc/8CDvI0IZMkYfJmVNYwOUjOQ5qMd5WIyoNc285+8q1W74jswe6qoodM+gK1uLL RjMYnHRJfALgjKv80fmQD/v8d7QmP65oKP2Xc/Jc6THu8aGTP0m1ym7HsIygVLQF wgsImfOIy77Mg4AWA2t+pDsv6wgYgVtxSK1ucY3RuFXwV4ZVQy+ZXolMVttqS085 oc0aG3fVi85JAS882yP0+V15v5RMuzlDUFTG6DrHTPr/rlGAz20gyz9plzS5PMg0 2UwET3tP9FjQ7pLehLZe =JloS -----END PGP SIGNATURE-----