Description
A flaw was discovered in the pdf_load_mesh_params() function allowing
out-of-bounds write access to memory locations. With carefully crafted
input, that could trigger a heap overflow, resulting in application
crash or possibly having other unspecified impact (CVE-2016-6525).
Also, mupdf already contained the X11 viewer /usr/bin/mupdf-x11 but no
mupdf binary to match the man page instructions. A symlink to mupdf-x11
now provides this (mga#19105).