Your message dated Sun, 20 Jul 2025 23:34:03 +0000
with message-id <[email protected]>
and subject line Bug#1052668: fixed in djvulibre 3.5.28-2.2
has caused the Debian Bug report #1052668,
regarding djvulibre: CVE-2021-46310
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1052668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052668
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: djvulibre
X-Debbugs-CC: [email protected]
Severity: important
Tags: security
Hi,
The following vulnerability was published for djvulibre.
CVE-2021-46310[0]:
| An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows
| attackers to cause a denial of service via divide by zero.
https://sourceforge.net/p/djvu/bugs/345/
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-46310
https://www.cve.org/CVERecord?id=CVE-2021-46310
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: djvulibre
Source-Version: 3.5.28-2.2
Done: Adrian Bunk <[email protected]>
We believe that the bug you reported is fixed in the latest version of
djvulibre, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adrian Bunk <[email protected]> (supplier of updated djvulibre package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 18 Jul 2025 20:57:51 +0300
Source: djvulibre
Architecture: source
Version: 3.5.28-2.2
Distribution: unstable
Urgency: medium
Maintainer: Barak A. Pearlmutter <[email protected]>
Changed-By: Adrian Bunk <[email protected]>
Closes: 1052668 1052669
Changes:
djvulibre (3.5.28-2.2) unstable; urgency=medium
.
* Non-maintainer upload.
* CVE-2021-46310: Divide by zero in IW44Image::Map::image()
(Closes: #1052668)
* CVE-2021-46312: Divide by zero in IWBitmap::Encode::init()
(Closes: #1052669)
Checksums-Sha1:
33b40273ee4ae69281cc7a8bb9cabb6f8e20b349 2375 djvulibre_3.5.28-2.2.dsc
d4d3a7ad62529a5f4663ec47d417e4f1bc5a09dc 18328
djvulibre_3.5.28-2.2.debian.tar.xz
Checksums-Sha256:
fbf497fe2aa5d649c4b9f0c413a93ef3650fa524e6b00fbe1401f4742b90f3a7 2375
djvulibre_3.5.28-2.2.dsc
93c56218b7ea8d2a3dcec7dc982864ba9f3ece50c2e400003d938c67485d3ef6 18328
djvulibre_3.5.28-2.2.debian.tar.xz
Files:
d11b8c9923d6b97a95f0835ed425fd39 2375 libs optional djvulibre_3.5.28-2.2.dsc
8727774a0c18a4ad36a7c824cf32c2d2 18328 libs optional
djvulibre_3.5.28-2.2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmh609MACgkQiNJCh6LY
mLEvEw/+ITtPB8me/Ja2tngvhlwWq1diTAC1xrwcPKkxlavDRZKue/S3aQOl+4d2
wDMsizXemnkxQF2k9/pUYmeizajgjgLgwBIVelt6RZ6m+8pt6rQ0W/et3ze6hyCB
QTgcd6zFSfdq+d+2ldeFSVYU0HoQbY6yzI1rckDWKphdhbXrxvlfjk2VLAVKMGrC
GeYHoFk/73PzVZUXE18jT3fRmPxoHIt+v4h8She1Rphwa1ODYZAAcxL2qONbinUu
eJvNRoOS73LU1pfx0WaMiLUaFIfvrH4u0lopKbh3r5tm8lq69W1ZgWSd07QEgtNh
XjIiaj368Mc9OpDQHAl9vHvNhkg15zk8dS2qPAIVhBXJfSeJQ3+D8y9ZgUoHjDyn
Z3xAsmWpw5d2manQgUYsaiOza8PrQEW+n8rDeZW55KusKTv2aZNfXMwehZtcNQ5w
XL1toYXw4Qq2L0XIJO30ihorwk5IZ6iht2Hpk+BeadWujO1iqFkeSi25ngSaZsxM
RGoz9/xMnFR6RHw/xQPG8TNj4S5RMdhwkWMToEIXS+9Hh5l5/kRiaQ8g0AFLDcjT
X2PznZn0E19Y5qS33aRFVs372ruHEqKSkLc7TRG/rVZ8qg8iEoUuFIqRAwG9N2jL
uW0Yl7W6BkKY5V4epH1XngzaELwZev3SvoqppMcABLgMiEeH1n8=
=oq7h
-----END PGP SIGNATURE-----
pgpuMhJ2sQSYG.pgp
Description: PGP signature
--- End Message ---
