Hello, thanks for reporting. Although this issue is no longer relevant in Debian because it is fixed in Stretch and later releases, I have found the root cause in Jessie and just addressed it. The patch for CVE-2018-13988 introduced a regression which is the reason why pdfinfo will segfault with the provided pdf file. I believe it is best to not the change the code because it successfully protects users from this specific kind of malformed pdf documents. The original issue is of low priority anyway and there seems to be no real evidence that it really triggers a buffer overflow.
Markus
signature.asc
Description: OpenPGP digital signature

