Package: mupdf / 1.9a+ds1-4+deb9u4
Metadata
Package | Version | Patches format |
---|---|---|
mupdf | 1.9a+ds1-4+deb9u4 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
0001 fix_libjpeg_header_mismatch.patch | (download) |
scripts/jpeg/jconfig.h |
45 0 + 45 - 0 ! |
fix_libjpeg_header_mismatch commit 674a7b563e3010d26faef86d674b246d42c8edf0 |
0002 mupdf_manpage.patch | (download) |
docs/man/mupdf.1 |
10 10 + 0 - 0 ! |
mupdf_manpage |
0003 Fix build with libopenjp2.patch | (download) |
Makerules |
4 2 + 2 - 0 ! |
fix build with libopenjp2 |
0004 Fix build with system gl and glfw.patch | (download) |
Makerules |
5 5 + 0 - 0 ! |
fix build with system gl and glfw |
0005 Don t communicate via tty.patch | (download) |
platform/x11/x11_main.c |
10 2 + 8 - 0 ! |
don't communicate via tty Closes: #830143 |
0006 CVE 2016 6265.patch | (download) |
source/pdf/pdf-xref.c |
10 8 + 2 - 0 ! |
bug 696941: fix use after free. The file is HORRIBLY corrupt, and triggers Sophos to think it's PDF malware (which it isn't). It does however trigger a use after free, worked around here. |
0007 CVE 2016 6525.patch | (download) |
source/pdf/pdf-shade.c |
2 1 + 1 - 0 ! |
make sure that number of colors in mesh params is valid. Fixes bug 696954. |
0008 CVE 2016 8674.patch | (download) |
include/mupdf/pdf/document.h |
4 4 + 0 - 0 ! |
bug 697015: avoid object references vanishing during repair. A PDF repair can be triggered 'just in time', when we encounter a problem in the file. The idea is that this can happen without the enclosing code being aware of it. Thus the enclosing code may be holding 'borrowed' references (such as those returned by pdf_dict_get()) at the time when the repair is triggered. We are therefore at pains to ensure that the repair does not replace any objects that exist already, so that the calling code will not have these references unexpectedly invalidated. The sole exception to this is when we replace the 'Length' fields in stream dictionaries with the actual lengths. Bug 697015 shows exactly this situation causing a reference to become invalid. The solution implemented here is to add an 'orphan list' to the document, where we put these (hopefully few, small) objects. These orphans are kept around until the document is closed. |
0009 CVE 2017 5896.patch | (download) |
source/fitz/pixmap.c |
6 4 + 2 - 0 ! |
bug 697515: fix out of bounds read in fz_subsample_pixmap Pointer arithmetic for final special case was going wrong. |
0010 CVE 2017 5991.patch | (download) |
source/pdf/pdf-op-run.c |
26 18 + 8 - 0 ! |
bug 697500: fix null ptr access. Cope better with errors during rendering - avoid letting the gstate stack get out of sync. This avoids us ever getting into the situation of popping a clip when we should be popping a mask or a group. This was causing an unexpected case in the painting. |
CVE 2017 14685.patch | (download) |
source/xps/xps-link.c |
2 2 + 0 - 0 ! |
verify that an xps font could be loaded. |
CVE 2017 14686.patch | (download) |
source/fitz/unzip.c |
3 3 + 0 - 0 ! |
check whether size fields in a zip entry are negative numbers. |
CVE 2017 14687.patch | (download) |
source/html/css-apply.c |
2 1 + 1 - 0 ! |
fix of mishandling of xml tag name comparisons. |
CVE 2017 15587.patch | (download) |
source/pdf/pdf-xref.c |
2 1 + 1 - 0 ! |
an integer overflow was discovered in pdf_read_new_xref_section |
CVE 2018 1000051.patch | (download) |
source/pdf/pdf-appearance.c |
9 2 + 7 - 0 ! |
[patch] bug 698825: do not drop borrowed colorspaces. Previously the borrowed colorspace was dropped when updating annotation appearances, leading to use after free warnings from valgrind/ASAN. |
CVE 2018 6544 1.patch | (download) |
source/pdf/pdf-xref.c |
14 14 + 0 - 0 ! |
--- |
CVE 2017 17866.patch | (download) |
source/pdf/pdf-write.c |
62 47 + 15 - 0 ! |
cve-2017-17866 X-Git-Url: https://git.ghostscript.com/?p=mupdf.git;a=patch;h=520cc26d18c9ee245b56e9e91f9d4fcae02be5f0 |
CVE 2018 1000037.patch | (download) |
source/pdf/pdf-interpret.c |
2 0 + 2 - 0 ! |
cve-2018-1000037 X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=patch;h=8a3257b01faa899dd9b5e35c6bb3403cd709c371;hp=de39f005f12a1afc6973c1f5cec362d6545f70cb X-Git-Url: https://git.ghostscript.com/?p=mupdf.git;a=patch;h=b2e7d38e845c7d4922d05e6e41f3a2dc1bc1b14a;hp=f51836b9732c38d945b87fda0770009a77ba680c |
CVE 2018 1000040.patch | (download) |
source/fitz/colorspace.c |
19 10 + 9 - 0 ! |
cve-2018-1000040 X-Git-Url: https://git.ghostscript.com/?p=mupdf.git;a=patch;h=83d4dae44c71816c084a635550acc1a51529b881;hp=f597300439e62f5e921f0d7b1e880b5c1a1f1607 |
CVE 2018 5686.patch | (download) |
include/mupdf/fitz/stream.h |
29 22 + 7 - 0 ! |
cve-2018-5686 |
CVE 2018 6187 1.patch | (download) |
source/pdf/pdf-write.c |
15 10 + 5 - 0 ! |
cve-2018-6187 X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=patch;h=3e30fbb7bf5efd88df431e366492356e7eb969ec |
CVE 2018 6187 2.patch | (download) |
source/pdf/pdf-lex.c |
28 22 + 6 - 0 ! |
cve-2018-6187 X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=patch;h=fa9cd085533f68367c299e058ab3fbb7ad8a2dc6 |
CVE 2018 6192.patch | (download) |
include/mupdf/pdf/object.h |
2 2 + 0 - 0 ! |
cve-2018-6192 X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=patch;h=5e411a99604ff6be5db9e273ee84737204113299 |