Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer

To: 983104@bugs.debian.org, Debian Security Team <team@security.debian.org>
Subject: Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer
From: Bastian Germann <bastiangermann@fishpost.de>
Date: Fri, 19 Feb 2021 13:53:54 +0100
Message-id: <[🔎] ee228f5f-2f4b-5ba2-f4c2-2c8e6e383aba@fishpost.de>
Reply-to: Bastian Germann <bastiangermann@fishpost.de>, 983104@bugs.debian.org
References: <[🔎] eb5535d5-1627-5b9c-a547-c80995e3c779@fishpost.de>

Hi,

I am looking for a sponsor for the package "mupdf" with the upstream fixfor CVE-2020-16600 that affects buster:


 * Package name    : mupdf
   Version         : 1.14.0+ds1-4+deb10u3
 * URL             : http://mupdf.com/

One can download the package with dget using this command:

dget -xhttps://mentors.debian.net/debian/pool/main/m/mupdf/mupdf_1.14.0+ds1-4+deb10u3.dsc


Changes since the last upload:

 mupdf (1.14.0+ds1-4+deb10u3) buster-security; urgency=high
 .
   * Non-maintainer upload.
   * Avoid a use-after-free in fz_drop_band_writer (CVE-2020-16600)

Regards,
Bastian

Reply to:

References:
- Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer
  - From: Bastian Germann <bastiangermann@fishpost.de>

Prev by Date: Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer
Next by Date: Bug#982164: RFS: geda-gaf/1.10.2-2 [ITA] -- GPL EDA -- Electronics design software
Previous by thread: Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer
Next by thread: Bug#983104: RFS: mupdf/1.14.0+ds1-4+deb10u3 [NMU, CVE-2020-16600] -- lightweight PDF viewer
Index(es):
- Date
- Thread