Bug 697230

Summary: JPEG2000 vulnerability in openjp 2.1.1
Product: MuPDF Reporter: Delete_Me! <u6g4doh3qk>
Component: mupdfAssignee: MuPDF bugs <mupdf-bugs>
Status: RESOLVED FIXED    
Severity: normal CC: bhure670shashank, robin.watts
Priority: P4    
Version: unspecified   
Hardware: PC   
OS: Windows 7   
Customer: Word Size: ---

Description Delete_Me! 2016-10-21 02:49:47 UTC 
Does MuPDF use openjp (version 2.1.1) ?
Because that library have a vulnerability when open a JPEG2000 picture. That also affect PDF files too.

Read here for more details: http://www.talosintelligence.com/reports/TALOS-2016-0193/
Comment 1 Robin Watts 2016-10-21 03:31:54 UTC 
The latest version of MuPDF (from Git) uses 2.1.2, where this is fixed.
Comment 2 Delete_Me! 2016-10-21 04:02:58 UTC 
Nice!
It would be great if we can get that build as executable then.