Debian Security Advisory

DLA-1902-1 djvulibre -- LTS security update

Date Reported:
29 Aug 2019
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2019-15142, CVE-2019-15143, CVE-2019-15144, CVE-2019-15145.
More information:

Hongxu Chen found several issues in djvulibre, a library and set of tools to handle images in the DjVu format.

The issues are a heap-buffer-overflow, a stack-overflow, an infinite loop and an invalid read when working with crafted files as input.

For Debian 8 Jessie, these problems have been fixed in version

We recommend that you upgrade your djvulibre packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: