| Release | Version |
|---|---|
| jessie | 3.5.25.4-4+deb8u4 |
| stretch | 3.5.27.1-7+deb9u2 |
| buster | 3.5.27.1-10+deb10u1 |
| bullseye | 3.5.28-2 |
| bookworm | 3.5.28-2 |
| trixie | 3.5.28-2 |
| sid | 3.5.28-2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-46312 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in all ... |
| CVE-2021-46310 | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows at ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| TEMP-0775193-7F000E | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | djvudigital: insecure use of /tmp |
| Bug | Description |
|---|---|
| CVE-2021-32493 | A flaw was found in djvulibre-3.5.28 and earlier. A heap buffer overfl ... |
| CVE-2021-32492 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds rea ... |
| CVE-2021-32491 | A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow ... |
| CVE-2021-32490 | A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds wri ... |
| CVE-2021-3630 | An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::D ... |
| CVE-2021-3500 | A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ... |
| CVE-2019-18804 | DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ... |
| CVE-2019-15145 | DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ... |
| CVE-2019-15144 | In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYP ... |
| CVE-2019-15143 | In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ... |
| CVE-2019-15142 | In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ... |
| CVE-2012-6535 | DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDr ... |
| DSA / DLA | Description |
|---|---|
| DSA-5032-1 | djvulibre - security update |
| ELA-454-1 | djvulibre - security update |
| DLA-2702-1 | djvulibre - security update |
| DLA-2667-1 | djvulibre - security update |
| ELA-434-1 | djvulibre - security update |
| ELA-188-1 | djvulibre - security update |
| DLA-1985-1 | djvulibre - security update |
| DLA-1902-1 | djvulibre - security update |
| ELA-157-1 | djvulibre - security update |
| DSA-2844-1 | djvulibre - arbitrary code execution |