http://bugzilla.opensuse.org/show_bug.cgi?id=1074116 Bug ID: 1074116 Summary: VUL-1: CVE-2017-17866: mupdf: buffer overrun in pdf_xref_len pdf/pdf-write.c Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other URL: https://smash.suse.de/issue/197247/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: idonmez@suse.com Reporter: vpereira@microfocus.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- rh#1529172 pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. References: https://bugzilla.redhat.com/show_bug.cgi?id=1529172 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17866 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17866 -- You are receiving this mail because: You are on the CC list for the bug.