| Package | djvulibre |
|---|---|
| Version | 3.5.25.3-1+deb7u1 |
| Related CVEs | CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 |
Hongxu Chen found several issues in djvulibre, a library and set of tools to handle images in the DjVu format. The issues are a heap-buffer-overflow, a stack-overflow, an infinite loop and an invalid read when working with crafted files as input.
For Debian 7 Wheezy, these problems have been fixed in version 3.5.25.3-1+deb7u1.
We recommend that you upgrade your djvulibre packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.