FEDORA-2018-7151603128

security update in Fedora 26 for mupdf

Status: stable a year ago

CVE-2017-17858 (rh bz #1537952) (gs bz #698819) CVE-2018-5686 (gs bz #698860)

How to install

sudo dnf upgrade --advisory=FEDORA-2018-7151603128

Comments 6

This update has been submitted for testing by mjg.

a year ago

This update has been pushed to testing.

a year ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

a year ago

This update has been submitted for batched by mjg.

a year ago

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

Text fields in Bodhi2 support an enhanced version of markdown. This is a cheat sheet for your reference.

You can do headers by underlining or by prefixing with the # character:

This is an H1
=============

This is an H2
-------------

# This is another H1

## This is another H2

You can do blockquotes using email-style prefixes with the > character:

> This is a quotation
> over many lines
> > and it can be nested(!)

Lists work like you'd expect, by prefixing with any of the *, +, or - characters:

Check out this list:

* This
* is
* a list..

You need a blank line between a paragraph and the start of a list for the renderer to pick up on it.

Emphasis can be added like this:

*italics*
_italics_
**bold**
__bold__

You can save your code references from being misinterpreted as emphasis by surrounding them with backtick characters (`):

Use `the_best_function()` and _not_ that crummy one.

Links look like this:

[text](http://getfedora.org)

..but we also support bare links if you just provide a URL.

You can create code blocks by indenting every line of the block by at least 4 spaces or 1 tab.

Here is a code block:

    for i in range(4):
        print i
    print "done."

You can reference bug reports by simply writing something of the form tracker#ticketid.

This fixes PHP#1234 and Python#2345

... we will automatically generate links to the tickets in the appropriate trackers in place.

The supported bug tracker prefixes are: (these are all case-insensitive)

Fedora, RHBZ and RH (all point to the Red Hat Bugzilla)
GNOME
KDE
PEAR
PHP
Python

And you can refer to other users by prefixing their username with the @ symbol.

Thanks @mattdm!

This will generate a link to their profile, but it won't necessarily send them a notification unless they have a special FMN rule set up to catch it.

Lastly, you can embed inline images with syntax like this:

![Alt text](/path/to/img.jpg)

-1

Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1537952 CVE-2017-17858 mupdf: Heap-based buffer overflow in pdf/pdf-xref.c:ensure_solid_xref() could allow an attacker to execute arbitrary code via a crafted PDF file [fedora-all]

Content Type

RPM

Status

stable

Test Gating

Submitted by

mjg

Update Type

security

Update Severity

unspecified

Karma

0
stable threshold: 3
unstable threshold: -3

Autopush

Enabled

Dates

submitted	a year ago
in testing	a year ago
in stable	a year ago

Related Bugs 1


0	0	#1537952 CVE-2017-17858 mupdf: Heap-based buffer overflow in pdf/pdf-xref.c:ensure_solid_xref() could allow an attacker to execute arbitrary code via a crafted PDF file [fedora-all]

mupdf-1.12.0-2.fc26

FEDORA-2018-7151603128

security update in Fedora 26 for mupdf

How to install

Comments 6

Add Comment & Feedback Toggle Preview

Related Bugs 1

Automated Test Results

Add Comment & Feedback
Toggle Preview