A heap overflow vulnerability leading to a crash was found in the "pdf_load_mesh_params" function in "source/pdf/pdf-shade.c". Upstream bug: http://bugs.ghostscript.com/show_bug.cgi?id=696954 Upstream patch: http://git.ghostscript.com/?p=mupdf.git;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e Original report and CVE request: http://seclists.org/oss-sec/2016/q3/235
Created mupdf tracking bugs for this issue: Affects: fedora-all [bug 1363695]