CVS commit by mueller: 

the new xpdf vulnerability patch from 18.01.05


  M +3 -0      XRef.cc   1.3.4.6


--- kdegraphics/kpdf/xpdf/XRef.cc  #1.3.4.5:1.3.4.6
@@ -821,4 +821,7 @@ GBool XRef::checkEncrypted(GString *owne
           keyLength = 5;
         }
+        if (keyLength > 16) {
+          keyLength = 16;
+        }
         permFlags = permissions.getInt();
         if (encVersion >= 1 && encVersion <= 2 &&