Publishing details

• Published on 2020-07-18

Changelog

evince (3.22.1-3+deb9u2) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * dvi: Mitigate command injection attacks by quoting filename
    (CVE-2017-1000159)
  * Fix overflow checks in tiff backend (CVE-2019-1010006)
  * Remove unused configure check for cairo_format_stride_for_width
    (CVE-2019-1010006)
  * tiff: Handle failure from TIFFReadRGBAImageOriented (CVE-2019-11459)
    (Closes: #927820)

 -- Salvatore Bonaccorso <email address hidden>  Wed, 12 Feb 2020 21:32:58 +0100

Builds

Package files

• evince_3.22.1-3+deb9u2.debian.tar.xz (30.0 KiB)
• evince_3.22.1-3+deb9u2.dsc (3.2 KiB)
• evince_3.22.1.orig.tar.xz (3.2 MiB)