Security News

Cybersecurity news aggregator

🐧
MEDIUM Updates Debian Security

DSA-6218-1 mupdf - security update

cve-2026-3308debian
  • What: Security update for mupdf
  • Impact: Users of Debian systems using mupdf may be affected by a heap-based buffer overflow vulnerability
Read Full Article →

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6218-1] mupdf security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6218-1] mupdf security update From: Salvatore Bonaccorso <carnil@debian.org> Date: Sat, 18 Apr 2026 15:11:20 +0000 Message-id: <[🔎] E1wE7KK-00000001VtM-0OYO@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6218-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 18, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mupdf CVE ID : CVE-2026-3308 Debian Bug : 1133189 A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight PDF viewer, which may result in denial of service or the execution of arbitrary code if malformed documents are opened. For the oldstable distribution (bookworm), this problem has been fixed in version 1.21.1+ds2-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 1.25.1+ds1-6+deb13u1. We recommend that you upgrade your mupdf packages. For the detailed security status of mupdf please refer to its security tracker page at: https://security-tracker.debian.org/tracker/mupdf Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmnjnrBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QEAg/8DNGqq+HjHgkb/Y9/GKAa7lNQofeeFIRQULsxFbsCN9PTgkS0nKcoZKv1 RLRRRDKZ9xhdkzBH19gr1ztvwXDebAZzZlukrn/CrjRPL5BldgHXtGRkl8WeCAUe uwg3DC+t5Y6RZMnmCMOuSSMb6O4tiN6AZzIr8ABXFbzU1jSikE013Nz1PmuEBuYx dBjbNHVYOQiyM6w84HYS82woCNlSVIMRKzYFdvP/AiWWlv75Olmdud+GcJ0UDCPb G0e6YgIW359JFqExwPNJoTyQe/bvd1pg0uIu3bvOFk5WdqjLQxSHzBOXCI/qZXlT 5P2/PvUrlYzD8Sx+PclXgI8HCuqepurY7Le3eItcKONF+XKN82Xs1fGhIeRmq1Rm kCnYTBmuZjh+GbyEcykg0sM+oTSkG+ia9KRVIc59+besZQGQF4TMjbAMxcG/T1L1 37CHSZdZllt8CGxZITIfQmDgRp0essYXWTGlHrHgQBe3NoIHZ8T2lFkjI43mQ5LX OFHmnh9fcsshZn7F9c3AaJGzt2/JTiwXd5j+E+QCYov9HT2aRuxB5NzCGG/LVJxx 0PpS46Mtoq+udLj0XBJi5dTje1WN4JZ3EdkpMfb/jCG3Uy+YY3IrGpasbcH5COJa bk7EyCSSIhRoXPQaRXH6/cyf4pKFewXUimnliDmdVcgx5kST5Hw= =SRuA -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Salvatore Bonaccorso (on-list) Salvatore Bonaccorso (off-list) Prev by Date: [SECURITY] [DSA 6217-1] luanti security update Previous by thread: [SECURITY] [DSA 6217-1] luanti security update Index(es): Date Thread

Related Articles

HIGH [UPDATE] [mittel] poppler: Mehrere Schwachstellen BSI Germany INFO DSA-6251-1 libreoffice - security update Debian Security HIGH VU#951662: MuPDF by Artifex contains integer overflow vulnerability. CERT/CC LOW [NEU] [UNGEPATCHT] [niedrig] xpdf: Schwachstelle ermöglicht Denial of Service BSI Germany
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn