mujs Multiple CVE Fixes: Integer Overflow, UAF, OOB Read

Key Information Bug ID: Bug 1390266 CVE IDs: - CVE-2016-7504 - CVE-2016-7505 - CVE-2016-7506 - CVE-2016-9017 - CVE-2016-9108 - CVE-2016-9109 Vulnerability Description: - CVE-2016-9108: Integer overflow and crash during regular expression parsing - CVE-2016-9109: Incomplete fix for CVE-2016-7563 - CVE-2016-7506: Out-of-bounds read in Sp_replace_regexp function - CVE-2016-7505: Buffer overflow in divby function - CVE-2016-7504: Use-after-free in Rp_toString function - CVE-2016-9017: Out-of-bounds read in jsC_dumpfunction function Affected Versions: All Severity: high Status: CLOSED ERRATA Fix Information: - Multiple CVEs have been fixed in Fedora; specific fix versions and commit details are provided - CVE-2016-7506 fixed in mujs-0-5.20160921git5c337af.fc23 - CVE-2016-9108 fixed in commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e - CVE-2016-9109 fixed in commit a0ceaf5050faf419401fe1b83acfa950ec8a8a89 - CVE-2016-9017 fixed in commit a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 Related Links: Links to seclist.org and bugs.ghostscript.com are provided

Goal Reached Thanks to every supporter — we hit 100%!

mujs Multiple CVE Fixes: Integer Overflow, UAF, OOB Read