Source: libitext5-java
X-Debbugs-CC: t...@security.debian.org
Severity: normal
Tags: security

Hi,

The following vulnerability was published for PDfReader, which is
embedded in libitext5-java.

CVE-2021-37819[0]:
| PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite
| loop via the component /text/pdf/PdfReader.java.

https://gitlab.com/pdftk-java/pdftk/-/merge_requests/21
https://gitlab.com/pdftk-java/pdftk/-/commit/75deacdf5c46fd4eefb310c784eb9dfdc7b9fdc9
 (v3.3.0)
https://gitlab.com/pdftk-java/pdftk/-/commit/9b0cbb76c8434a8505f02ada02a94263dcae9247
 (v3.3.0)

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-37819
    https://www.cve.org/CVERecord?id=CVE-2021-37819

Please adjust the affected versions in the BTS as needed.

__
This is the maintainer address of Debian's Java team
<https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-maintainers>.
 Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to