Debian Security Advisory
DLA-395-1 librsvg -- LTS security update
- Date Reported:
- 19 Jan 2016
- Affected Packages:
- librsvg
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-7557.
- More information:
-
A vulnerability was found in LibRSVG, a library to render SVG graphics. Librsvg was susceptible to an out-of-bounds heap read when parsing SVG files.
For Debian 6
Squeeze
, this issue has been fixed in librsvg version 2.26.3-1+deb6u3. We recommend you to upgrade your librsvg packages.