Security update for mupdf
This update for mupdf fixes the following vulnerabilities:
- CVE-2017-5627: Integer overflow in the mujs implementation (boo#1022503)
- CVE-2017-5628: Integer overflow in the mujs implementation (boo#1022504)
- CVE-2017-5896: heap overflow (boo#1023761, boo#1024679)
- NULL pointer dereference in dodrawpage (boo#1023760)
- Submitted by Ismail Dönmez (namtrac)
Fixed bugs
bnc#1022503
VUL-0: CVE-2017-5627: mupdf: mujs: integer overflow
bnc#1022504
VUL-0: CVE-2017-5628: mupdf: mujs: integer overflow when parsing dates
bnc#1023761
VUL-0: CVE-2017-5896: mupdf: heap-based buffer overflow in fz_subsample_pixmap
bnc#1024679
VUL-0: mupdf: use-after-free in fz_subsample_pixmap (pixmap.c)
bnc#1023760
VUL-0: mupdf: NULL pointer dereference in dodrawpage