openSUSE-SU-2023:0363-1

Опубликовано: 11 нояб. 2023

Источник: suse-cvrf

Описание

Security update for mupdf

This update for mupdf fixes the following issues:

CVE-2023-31794: Fixed denial of service via crafted pdf in pdf_mark_list_push() (boo#1216728)

Список пакетов

SUSE Package Hub 15 SP5

mupdf-1.21.1-bp155.3.3.1

mupdf-devel-static-1.21.1-bp155.3.3.1

openSUSE Leap 15.5

mupdf-1.21.1-bp155.3.3.1

mupdf-devel-static-1.21.1-bp155.3.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HH7LKRXVB7EGA3JI6NL5ZVYTPRFC3DKZ/
E-Mail link for openSUSE-SU-2023:0363-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1216728
SUSE Bug 1216728
https://www.suse.com/security/cve/CVE-2023-31794/
SUSE CVE CVE-2023-31794 page

Описание

MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

Затронутые продукты

SUSE Package Hub 15 SP5:mupdf-1.21.1-bp155.3.3.1

SUSE Package Hub 15 SP5:mupdf-devel-static-1.21.1-bp155.3.3.1

openSUSE Leap 15.5:mupdf-1.21.1-bp155.3.3.1

openSUSE Leap 15.5:mupdf-devel-static-1.21.1-bp155.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-31794.html
CVE-2023-31794
https://bugzilla.suse.com/1216728
SUSE Bug 1216728

openSUSE-SU-2023:0363-1

Описание

Список пакетов

SUSE Package Hub 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2023-31794

Описание

Затронутые продукты

Ссылки