OPENSUSE-SU-2026:20850-1 Security update for evince

This update for evince fixes the following issues: Changes in evince: - Update to version 48.2 bsc1265880 CVE-2026-46529: + shell: Quote strings in arguments used when calling evspawn - Update to version 48.1+6: + build: bump DjVuLibre version required + libview: Fix crash in the accessible code...

[SECURITY] Fedora 43 Update: djvulibre-3.5.30-1.fc43

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

[SECURITY] Fedora 44 Update: djvulibre-3.5.30-1.fc44

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

Fedora 44 : djvulibre (2026-956f05a733)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-956f05a733 advisory. Update to 3.5.30. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 43 : djvulibre (2026-bfa185dbb3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bfa185dbb3 advisory. Update to 3.5.30. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Astra Linux - уязвимость в djvulibre

In DjVuLibre 3.5.27, the DjVmDir.cpp file within the DJVU reader component allows attackers to cause a denial-of-service attack resulting in a crash of the application by creating a DJVU file that triggers a heap-based buffer overflow attack in the GStringRep::strdup function within...

Astra Linux - уязвимость в djvulibre

In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error resource exhaustion caused by an infinite loop in GBitmap::readrleraw by creating a corrupted image file, which is related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp...

Astra Linux - уязвимость в djvulibre

A issue was discovered in IW44EncodeCodec.cpp within djvulibre 3.5.28, which allows attackers to cause a denial of service through division by zero...

Astra Linux - уязвимость в djvulibre

DjVuLibre 3.5.27 allows attackers to carry out a denial-of-service attack application crashes due to an out-of-bounds read by creating a corrupted JB2 image file. This occurs due to improper handling of the JB2 image file in the JB2Dict::JB2Codec::getdirectcontext function in libdjvu/JB2Image.h,...

Astra Linux - уязвимость в djvulibre

DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filterfv at IW44EncodeCodec.cpp...

Astra Linux - уязвимость в djvulibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A malicious read operation in the function DJVU::DataPool::hasdata, through a crafted djvu file, may cause the application to crash and lead to other issues...

Astra Linux - уязвимость в djvulibre

A flaw was discovered in djvulibre-3.5.28 and earlier. A stack overflow occurred in the function DJVU::DjVuDocument::getdjvufile, due to a malicious djvu file, which could lead to the application crashing and other related issues...

Astra Linux - уязвимость в djvulibre

A flaw was discovered in djvulibre-3.5.28 and earlier. An integer overflow in the render function in tools/ddjvu, through a crafted djvu file, may cause the application to crash and lead to other issues...

Astra Linux - уязвимость в djvulibre

A out-of-bounds write vulnerability was discovered in DjVuLibre, specifically in the function DjVU::DjVuTXT::decode in DjVuText.cpp. A crafted DjVU file can trigger this issue, leading to a crash or segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28...

Astra Linux - уязвимость в djvulibre

A flaw was discovered in djvulibre-3.5.28 and earlier. An out-of-bounds write operation in the DJVU::filterbv function, through a crafted djvu file, may cause the application to crash and lead to other issues...

Astra Linux - уязвимость в djvulibre

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer...

Astra Linux - уязвимость в djvulibre

A issue was discovered in IW44Image.cpp within djvulibre 3.5.28, which allows attackers to cause a denial of service through division by zero...

Advisory ROSA-SA-2026-3242

software: djvulibre 3.5.29 WASP: ROSA-CHROME unaffected versions = djvulibre-3.5.29-1 affected versions djvulibre-3.5.29-1 CVE-ID: CVE-2021-46312 BDU-ID: 2023-05878 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the IW44EncodeCodec.cpp component of the library for viewing, creating, editing DjVu...

Ubuntu: Security Advisory (USN-8054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8054-1 djvulibre vulnerabilities

It was discovered that DjVuLibre could be forced to execute a division by zero in certain instances. A remote attacker could possibly use this issue to cause applications to stop responding or crash, resulting in a denial of service. CVE-2021-46312 It was discovered that DjVuLibre incorrectly...