evince/NEWS-security.md

Security fixes
==============

* Evince 3.24.1

    * Remove support for tar and tar-like commands in commics backend
      (#784630). CVE-2017-1000083. (Bastien Nocera)

* Evince 3.21.92

    * Fix a crash when processing button events in EvView (#769700)
      CVE-2013-3718. (Marek Kasik)

* Evince 2.91.5

    * Fix several security issues in dvi backend.
      CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643.
      (José Aliste)

* Evince 0.7.0

    * Buffer overflow in PS backend (#380191).
      CVE-2006-5864. (Carlos Garcia Campos)