Source: libitext5-java X-Debbugs-CC: t...@security.debian.org Severity: normal Tags: security
Hi, The following vulnerability was published for PDfReader, which is embedded in libitext5-java. CVE-2021-37819[0]: | PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite | loop via the component /text/pdf/PdfReader.java. https://gitlab.com/pdftk-java/pdftk/-/merge_requests/21 https://gitlab.com/pdftk-java/pdftk/-/commit/75deacdf5c46fd4eefb310c784eb9dfdc7b9fdc9 (v3.3.0) https://gitlab.com/pdftk-java/pdftk/-/commit/9b0cbb76c8434a8505f02ada02a94263dcae9247 (v3.3.0) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-37819 https://www.cve.org/CVERecord?id=CVE-2021-37819 Please adjust the affected versions in the BTS as needed.