On Fri, Jul 05, 2019 at 09:19:33PM +0200, Salvatore Bonaccorso wrote:
> Source: mupdf
> Version: 1.14.0+ds1-4
> Severity: important
> Tags: security upstream
> Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=701118
>
> Hi,
>
> The following vulnerability was published for mupdf.
>
> CVE-2019-13290[0]:
> | Artifex MuPDF 1.15.0 has a heap-based buffer overflow in
> | fz_append_display_node located at fitz/list-device.c, allowing remote
> | attackers to execute arbitrary code via a crafted PDF file. This
> | occurs with a large BDC property name that overflows the allocated
> | size of a display list node.
>
> I'm not 100% certain that the issue is not introduced only after the
> current version in unstable, but looking at the code I marked it as
> found in 1.14.0+ds1-4 already, let me know if you think this was
> wrong. Upstream issue is at [1] with fixes [2] and [3].

I can't reproduce with 1.14.0+ds1-4. However, I'll need to apply the patches when I upload 1.15.0+ds1-1, so I'll keep this open.

Kanru