Package: sponsorship-requests
Severity: normal
Dear mentors,
I am looking for a sponsor for the package "mupdf" with the upstream fix
for CVE-2020-16600 that affects buster:
* Package name : mupdf
Version : 1.14.0+ds1-4+deb10u3
Upstream Author : http://mupdf.com/
* URL : http://mupdf.com/
* License : AGPL-3+
* Vcs : https://salsa.debian.org/koster/mupdf
Section : text
It builds those binary packages:
mupdf-tools - command line tools for the MuPDF viewer
mupdf - lightweight PDF viewer
libmupdf-dev - development files for the MuPDF viewer
To access further information about this package, please visit the
following URL:
https://mentors.debian.net/package/mupdf/
Alternatively, one can download the package with dget using this command:
dget -x
https://mentors.debian.net/debian/pool/main/m/mupdf/mupdf_1.14.0+ds1-4+deb10u3.dsc
Changes since the last upload:
mupdf (1.14.0+ds1-4+deb10u3) buster-security; urgency=high
.
* Non-maintainer upload.
* Avoid a use-after-free in fz_drop_band_writer (CVE-2020-16600)
Regards,
Bastian
