|
|
Log in / Subscribe / Register

Debian alert DLA-4596-1 (evince)



From:
              Andreas Henriksson <andreas@fatal.se>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4596-1] evince security update


Date:
              Fri, 22 May 2026 23:02:19 +0200


Message-ID:
              <gu5rn76gzal2j2kfuonx6ixn7nlxddcsh6mwmlnxvir547jly7@ldlm5hmqdrb4>


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4596-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                   Andreas Henriksson
May 22, 2026                                  https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : evince
Version        : 3.38.2-1+deb11u1
CVE ID         : CVE-2026-46529

It was discovered that evince, a simple multi-page document viewer, is
prone to a command injection vulnerability if a specially crafted PDF
file is opened.

For Debian 11 bullseye, this problem has been fixed in version
3.38.2-1+deb11u1.

We recommend that you upgrade your evince packages.

For the detailed security status of evince please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/evince

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+uHltkZSvnmOJ4zCC8R9xk0TUwYFAmoQxFgACgkQC8R9xk0T
UwZVBA/8Ce61YJMzRWDh1Nd8v5r5JFtxbnKNmGWbRAFa5GhaJY/gSAfkmgwBFWAY
VWKjthb9H+BfPFpAXNpEpcX3QssVzLxP5tIkIhwB/RB/5eKIlpEqiOy77wJ1e4MM
U33Dlg8KMHj4alP5GvifcMZcEmt19kQI5IXGOaVx8fp8OTOZQ0gUV2IAIB1gHWIu
uSG9fOuu7VnIz0LAizhDwh+YUqgebb/zwHP8xd52R5pzlcC9YAoFd+ALhxLsW5F8
Nbq4UNgc9xCHuhJG5xKvUjeMbqSGnWu6cNbJMflcBxCi7f3VUUFcNVmG6Y7VWOc3
qJNoABq86dwjAcKQVzl58jbUFLygsH7zI2Pkho1bzHHCqtKkcz2AQhlFVwYZTd1i
wh+KvkPs3Phhql9C0R4EkXpfi7SRtwHsL0iK2b6FzCW/6aWZCeaCdaIM7vMm/zHc
Od4qgB9TaZimn1WVcqsVgkkm8v52VRj0GU+KZR4qd3DEwhx7czNPMfQbyR93rtws
URGkotyeqIRryvpGJAi6nS+6G8pJX8RMMBUWFnZs2oZ9WT9+ETI0YeKtTTQ3c8Kx
ziYvtvPkZZw0mmWaCk9JMaGOPKzEPsMsHQJT7F2S+mDpeBjLFRBQrVBjinYw+EDG
RHLIvFJK9XaEb5FEXOU0e0FzgfBdQRJulGqDrRW0N3zuqU8iZNU=
=i+GY
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds