Red Hat Security Advisory 2020-4709-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library. Issues addressed include a resource exhaustion vulnerability.
adf083065b0851e04d863d5bdd8eeaf26534eef94830224843805c55972758b2Ubuntu Security Notice 4436-2 - USN-4436-1 fixed a vulnerability in librsvg. The upstream fix caused a regression when parsing certain SVG files. This update backs out the fix pending further investigation. It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A remote attacker could possibly use this issue to cause librsvg to consume resources and crash, resulting in a denial of service. Various other issues were also addressed.
4706de17b14bc5c39477720e86b7c7f7d6843ae2ead3aeb893972344ded4d0ecUbuntu Security Notice 4436-1 - It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A remote attacker could possibly use this issue to cause librsvg to consume resources and crash, resulting in a denial of service. Various other issues were also addressed.
546c2237e39dfb6498ac801171c26c1667b637632dbb34c77266efe298f6a487
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed