This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for mupdf to version 1.10a fixes the following issues :
These security issues were fixed :
- CVE-2016-10132: NULL pointer dereference in regexp
because of a missing check after allocating memory
allowing for DoS (bsc#1019877).
- CVE-2016-10133: Heap buffer overflow write in
js_stackoverflow allowing for DoS or possible code
- CVE-2016-10141: An integer overflow vulnerability
triggered by a regular expression with nested
repetition. A successful exploitation of this issue can
lead to code execution or a denial of service (buffer
overflow) condition (bsc#1019877).
These non-security issues were fixed :
- A bug with mutool and saving PDF files using the 'ascii'
option has been fixed.
- Stop defining OPJ_STATIC
- FictionBook (FB2) e-book support.
- Simple SVG parser (a small subset of SVG only).
- mutool convert: a new document conversion tool and
- Multi-threaded rendering in mudraw.
- Updated base 14 fonts from URW.
- New CJK font with language specific variants.
- Hyperlink support in EPUB.
- Alpha channel is now optional in pixmaps.
- More aggressive purging of cached objects.
- Partial image decoding for lower memory use when
- Reduced default set of built-in CMap tables to the
- FZ_ENABLE_PDF, _XPS, _JS, to disable features at compile
- Function level linking.
- Dropped pdf object generation numbers from public
- Simplified PDF page, xobject, and annotation internals.
- Closing and freeing devices and writers are now separate
- Improved PDF annotation editing interface (still a work
- Document writer interface.
- Banded image writer interface.
- Bidirectional layout for Arabic and Hebrew scripts.
- Shaping complex scripts for EPUB text layout.
- Noto fallback fonts for EPUB layout.
- mutool create :
- Create new PDF files from scratch.
- Read an annotated content stream in a text file and
write a PDF file, automatically embedding font and image
- mutool run :
+ The interface is similar to the new Java interface.
- mutool draw :
+ Optional multi-threaded operation (Windows and
+ Optional low memory mode (primarily for testing).
- Set to best anti-alias mode (8) by default.
- Ship mupdf-x11-curl as default mupdf. Drop non-curl
- New URW fonts with greek and cyrillic.
- 64-bit file support.
- Updated FreeType to version 2.6.1.
- Various font substitution bug fixes.
- EPUB improvements: User style sheets, GIF images, Table
of Contents, CJK text, Page margins and many bug fixes.
See also :
Update the affected mupdf packages.
Risk factor :
High / CVSS Base Score : 7.5