In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. Reference: https://sourceforge.net/p/djvu/bugs/299/ Upstream commit: https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/
Created djvulibre tracking bugs for this issue: Affects: epel-6 [bug 1767870] Affects: epel-7 [bug 1767871] Affects: fedora-all [bug 1767868] Created mingw-djvulibre tracking bugs for this issue: Affects: fedora-all [bug 1767869]