Debian Linux Security Advisory 5484-1 - Zac Sims discovered a directory traversal in the URL decoder of librsvg, a SAX-based renderer library for SVG files, which could result in read of arbitrary files when processing a specially crafted SVG file with an include element.
68217fd1bf54af9f988610bfdb0f9312a6e81a903dfa057c272c6ded66b9df1d