A flaw was found in latest djvulibre. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences. References: https://bugzilla.redhat.com/show_bug.cgi?id=1943409
Created djvulibre tracking bugs for this issue: Affects: fedora-all [bug 1943409]
Created djvulibre tracking bugs for this issue: Affects: epel-7 [bug 1958177] Created mingw-djvulibre tracking bugs for this issue: Affects: fedora-all [bug 1958176]
Acknowledgments: Name: 1vanChen (NSFOCUS Security Team)