FEDORA-2017-6fe982684d

security update in Fedora 25 for mupdf

Status: stable 9 months ago

New release (1.10a). Security fix for CVE-2016-6265

Comments 10

This update has been submitted for testing by landgraf.

This update has been pushed to testing.

How does a "lightweight" pdf reader go from 18MB in the previous version to 133MB in this version? Is debuginfo not separated?

same issue as reported by anonymous: install size is too big, cf. https://bugzilla.redhat.com/show_bug.cgi?id=1424762

karma: -1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

Is debuginfo not separated?

That's exactly it: https://bugzilla.redhat.com/show_bug.cgi?id=1424762#c1

karma: -1

In addition, that spec file changed removed an "rm" that used to remove bundled third party libraries. Besides violating packaging guidelines for no reason this makes the gl build flaky. Bug report and patch upcoming.

This update has been submitted for stable by landgraf.

It is unacceptable that you are pushing this to stable despite the obvious regression.

karma: -1

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
#1359108 CVE-2016-6265 mupdf: Use after free vulnerability in pdf_xref.c
#1359109 CVE-2016-6265 mupdf: Use after free vulnerability in pdf_xref.c [fedora-all]
Is the update generally functional?
Content Type
RPM
Status
stable
Submitted by
Update Type
security
Karma
-2
stable threshold: 3
unstable threshold: -3
Autopush
Disabled
Dates
submitted 9 months ago
in testing 9 months ago
in stable 9 months ago

Related Bugs 2

00 #1359108 CVE-2016-6265 mupdf: Use after free vulnerability in pdf_xref.c
00 #1359109 CVE-2016-6265 mupdf: Use after free vulnerability in pdf_xref.c [fedora-all]

Automated Test Results