A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in
function DJVU::DataPool::has_data() via crafted djvu file may lead to
application crash and other consequences.
Author | Note |
---|---|
mdeslaur | This is 0005-djvulibre-fedora-Patch10-djvulibre-3.5.27-check-inpu.patch |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | djvulibre | <Â 3.5.27.1-8ubuntu0.3 | UNKNOWN |
ubuntu | 20.04 | noarch | djvulibre | <Â 3.5.27.1-14ubuntu0.1 | UNKNOWN |
ubuntu | 20.10 | noarch | djvulibre | <Â 3.5.27.1-15ubuntu0.1 | UNKNOWN |
ubuntu | 21.04 | noarch | djvulibre | <Â 3.5.28-1ubuntu0.1 | UNKNOWN |
ubuntu | 16.04 | noarch | djvulibre | <Â 3.5.27.1-5ubuntu0.1+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |