{"affected":[{"ecosystem_specific":{"binaries":[{"djvulibre":"3.5.27-lp150.2.3.1","djvulibre-doc":"3.5.27-lp150.2.3.1","libdjvulibre-devel":"3.5.27-lp150.2.3.1","libdjvulibre21":"3.5.27-lp150.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.0","name":"djvulibre","purl":"pkg:rpm/opensuse/djvulibre&distro=openSUSE%20Leap%2015.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.5.27-lp150.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for djvulibre fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-15142: Fixed heap-based buffer over-read (bsc#1146702).\n- CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files (bsc#1146569).\n- CVE-2019-15144: Fixed denial-of-service caused by crafted PBM image files (bsc#1146571).\n- CVE-2019-15145: Fixed out-of-bounds read caused by corrupted JB2 image files (bsc#1146572).\n- Fixed segfault when libtiff encounters corrupted TIFF (upstream issue #295).\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2019:2217-1","modified":"2019-09-30T04:19:41Z","published":"2019-09-30T04:19:41Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IH4MQKYJLC6RE2GZDHVFRWARHBFRQAP4/#IH4MQKYJLC6RE2GZDHVFRWARHBFRQAP4"},{"type":"REPORT","url":"https://bugzilla.suse.com/1146569"},{"type":"REPORT","url":"https://bugzilla.suse.com/1146571"},{"type":"REPORT","url":"https://bugzilla.suse.com/1146572"},{"type":"REPORT","url":"https://bugzilla.suse.com/1146702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15143"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15144"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15145"}],"related":["CVE-2019-15142","CVE-2019-15143","CVE-2019-15144","CVE-2019-15145"],"summary":"Security update for djvulibre","upstream":["CVE-2019-15142","CVE-2019-15143","CVE-2019-15144","CVE-2019-15145"]}