--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-9a819664a6
2017-03-07 09:11:32.835174
--------------------------------------------------------------------------------

Name        : mupdf
Product     : Fedora 25
Version     : 1.10a
Release     : 4.fc25
URL         : https://mupdf.com/
Summary     : A lightweight PDF viewer and toolkit
Description :
MuPDF is a lightweight PDF viewer and toolkit written in portable C.
The renderer in MuPDF is tailored for high quality anti-aliased
graphics.  MuPDF renders text with metrics and spacing accurate to
within fractions of a pixel for the highest fidelity in reproducing
the look of a printed page on screen.
MuPDF has a small footprint.  A binary that includes the standard
Roman fonts is only one megabyte.  A build with full CJK support
(including an Asian font) is approximately five megabytes.
MuPDF has support for all non-interactive PDF 1.7 features, and the
toolkit provides a simple API for accessing the internal structures of
the PDF document.  Example code for navigating interactive links and
bookmarks, encrypting PDF files, extracting fonts, images, and
searchable text, and rendering pages to image files is provided.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-6060 CVE-2017-5896  ----  Add comment with explanation
of disabled debuginfo
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1425338 - CVE-2017-6060 mupdf: Stack-based buffer overflow in jstest_main.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1425338
  [ 2 ] Bug #1424762 - Install size is too big
        https://bugzilla.redhat.com/show_bug.cgi?id=1424762
  [ 3 ] Bug #1363695 - CVE-2016-6525 CVE-2016-8674 CVE-2017-5896 mupdf: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1363695
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade mupdf' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: mupdf Security Update

March 7, 2017
Security fix for CVE-2017-6060 CVE-2017-5896 ---- Add comment with explanation of disabled debuginfo

Summary

MuPDF is a lightweight PDF viewer and toolkit written in portable C.

The renderer in MuPDF is tailored for high quality anti-aliased

graphics. MuPDF renders text with metrics and spacing accurate to

within fractions of a pixel for the highest fidelity in reproducing

the look of a printed page on screen.

MuPDF has a small footprint. A binary that includes the standard

Roman fonts is only one megabyte. A build with full CJK support

(including an Asian font) is approximately five megabytes.

MuPDF has support for all non-interactive PDF 1.7 features, and the

toolkit provides a simple API for accessing the internal structures of

the PDF document. Example code for navigating interactive links and

bookmarks, encrypting PDF files, extracting fonts, images, and

searchable text, and rendering pages to image files is provided.

Update Information:

Security fix for CVE-2017-6060 CVE-2017-5896 ---- Add comment with explanation of disabled debuginfo

Change Log

References

[ 1 ] Bug #1425338 - CVE-2017-6060 mupdf: Stack-based buffer overflow in jstest_main.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1425338 [ 2 ] Bug #1424762 - Install size is too big https://bugzilla.redhat.com/show_bug.cgi?id=1424762 [ 3 ] Bug #1363695 - CVE-2016-6525 CVE-2016-8674 CVE-2017-5896 mupdf: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1363695

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade mupdf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : mupdf
Product : Fedora 25
Version : 1.10a
Release : 4.fc25
URL : https://mupdf.com/
Summary : A lightweight PDF viewer and toolkit

Related News

21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved