A flaw was found in djvulibre-3.5.28 and earlier. An integer overflow in function render() in tools/ddjvu via crafted djvu file may lead to application crash and other consequences.Referenceshttps://bugzilla.redhat.com/show_bug.cgi?id=1943684https://www.debian.org/security/2021/dsa-5032
