A htmldoc security update has been released for Debian GNU/Linux 8 Extended LTS to address an integer overflow vulnerability.
ELA-610-1 htmldoc security update
Package htmldoc
ELA-610-1 htmldoc security update
Version 1.8.27-8+deb8u4
Related CVEs CVE-2022-27114
It was discovered that there was an integer overflow vulnerability in htmldoc, a HTML processor that generates indexed HTML, PS and PDF files. This was caused by a programming error in the image_load_jpeg function due to a conflation or confusion of declared/expected/observed image dimensions.
For Debian 8 Jessie, these problems have been fixed in version 1.8.27-8+deb8u4.
We recommend that you upgrade your htmldoc packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
