Security update for mupdf SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0369-1 Final 1 1 2017-02-02T22:47:29Z current 2017-02-02T22:47:29Z 2017-02-02T22:47:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mupdf This update for mupdf to version 1.10a fixes the following issues: These security issues were fixed: - CVE-2016-10132: Null pointer dereference in regexp because of a missing check after allocating memory allowing for DoS (bsc#1019877). - CVE-2016-10133: Heap buffer overflow write in js_stackoverflow allowing for DoS or possible code execution (bsc#1019877). - CVE-2016-10141: An integer overflow vulnerability triggered by a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition (bsc#1019877). These non-security issues were fixed: - A bug with mutool and saving PDF files using the 'ascii' option has been fixed. - Stop defining OPJ_STATIC The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-02/msg00012.html E-Mail link for openSUSE-SU-2017:0369-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 mupdf-1.10a-6.3 mupdf-devel-static-1.10a-6.3 mupdf-1.10a-6.3 as a component of openSUSE Leap 42.2 mupdf-devel-static-1.10a-6.3 as a component of openSUSE Leap 42.2 regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. CVE-2016-10132 openSUSE Leap 42.2:mupdf-1.10a-6.3 openSUSE Leap 42.2:mupdf-devel-static-1.10a-6.3 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00012.html https://www.suse.com/security/cve/CVE-2016-10132.html CVE-2016-10132 https://bugzilla.suse.com/1019877 SUSE Bug 1019877 Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions. CVE-2016-10133 openSUSE Leap 42.2:mupdf-1.10a-6.3 openSUSE Leap 42.2:mupdf-devel-static-1.10a-6.3 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00012.html https://www.suse.com/security/cve/CVE-2016-10133.html CVE-2016-10133 https://bugzilla.suse.com/1019877 SUSE Bug 1019877 An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. CVE-2016-10141 openSUSE Leap 42.2:mupdf-1.10a-6.3 openSUSE Leap 42.2:mupdf-devel-static-1.10a-6.3 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-02/msg00012.html https://www.suse.com/security/cve/CVE-2016-10141.html CVE-2016-10141 https://bugzilla.suse.com/1019877 SUSE Bug 1019877