Package Release Info

djvulibre-3.5.27-11.6.1

Update Info: SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2021-1948
Available in Package Hub : 15 SP3 Subpackages Updates

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

djvulibre

Change Logs

* Mon May 24 2021 pgajdos@suse.com
- security update
- added patches
  fix CVE-2021-3500 [bsc#1186253], Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file
  + djvulibre-CVE-2021-3500.patch
Version: 3.5.27-11.3.1
* Wed May 12 2021 pgajdos@suse.com
- security update
- added patches
  fix CVE-2021-32490 [bsc#1185895], Out of bounds write in function DJVU:filter_bv() via crafted djvu file
  + djvulibre-CVE-2021-32490.patch
  fix CVE-2021-32491 [bsc#1185900], Integer overflow in function render() in tools/ddjvu via crafted djvu file
  + djvulibre-CVE-2021-32491.patch
  fix CVE-2021-32492 [bsc#1185904], Out of bounds read in function DJVU:DataPool:has_data() via crafted djvu file
  + djvulibre-CVE-2021-32492.patch
  fix CVE-2021-32493 [bsc#1185905], Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file
  + djvulibre-CVE-2021-32493.patch
* Tue Sep 03 2019 jengelh@inai.de
- Trim conjecture, bias, and metadata repetitions from description.
- Trim descriptions in subpackages for length. (Main package keeps
  the bigger one.)
- Use some more macros and limit fdupes to the /usr volume.
* Tue Jan 08 2019 stefan.bruens@rwth-aachen.de
- Remove rsvg-convert BuildRequires, just use the prebuilt pngs
  from the source package.
Version: 3.5.27-11.11.1
* Fri Jul 30 2021 pgajdos@suse.com
- security update
  extend CVE-2021-3630 fix [bsc#1187869#c14]
- modified patches
  % djvulibre-CVE-2021-3630.patch
* Thu Jul 01 2021 pgajdos@suse.com
- security update
- added patches
  fix CVE-2021-3630 [bsc#1187869], out-of-bounds write in DJVU:DjVuTXT:decode() in DjVuText.cpp
  + djvulibre-CVE-2021-3630.patch