I just patched this in commit 6891f957. Thanks for the heads up!
On Wed, 2021-03-03 at 21:53 +0100, Léo Le Bouter wrote:
> CVE-2021-3407 24.02.21 00:15
> A flaw was found in mupdf 1.18.0. Double free of object during
> linearization may lead to memory corruption and other potential
> consequences
CVE-2021-3407 24.02.21 00:15
A flaw was found in mupdf 1.18.0. Double free of object during
linearization may lead to memory corruption and other potential
consequences.
mupdf has made no release yet, so you need to cherry-pick the commit:
https://git.ghostscript.com/?p=mupdf.git;a=log;h=cee7ce
