Debian Security Advisory

DLA-395-1 librsvg -- LTS security update

Date Reported:
19 Jan 2016
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-7557.
More information:

A vulnerability was found in LibRSVG, a library to render SVG graphics. Librsvg was susceptible to an out-of-bounds heap read when parsing SVG files.

For Debian 6 Squeeze, this issue has been fixed in librsvg version 2.26.3-1+deb6u3. We recommend you to upgrade your librsvg packages.