[SECURITY] [DLA 1278-1] librsvg security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1278-1] librsvg security update
From: Chris Lamb <lamby@debian.org>
Date: Mon, 12 Feb 2018 09:48:07 +0000
Message-id: <[🔎] 1518428887.2257149.1267717968.7135DF0B@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : librsvg
Version        : 2.36.1-2+deb7u3
CVE ID         : CVE-2018-1000041

It was discovered that there was an input validation vulnerability in
the librsvg renderer library that could result in data being leaked to
remote attackers via a specially-crafted file.

For Debian 7 "Wheezy", this issue has been fixed in librsvg version
2.36.1-2+deb7u3.

We recommend that you upgrade your librsvg packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqBYs4ACgkQHpU+J9Qx
HlgIrg/9HdTExQGhKuVrLNWMxfkxjjiJgVno+4Ku8QzwTADwvPC61mV0TPzZOvZR
Ph6G+CdvANmJ9/SpXaZm0TcexsBOTZaP88li4jgkJKruEWdUlMTkkIX4KR9F6g2r
BHZ6nSBxN25nsDRVZ9wbEC/yfNbYXnXMoMjgVV09EGEM0rOTr0TtlwRCbNL+ZKJS
+VH7QbXW0S4dSqfNDM+Kuo1pAy3LWghjxZLpWQwWxm2P12WG5ZKe8CR1sGdIMwd0
A0cVAks3kqofOw0fwCKZVPY62GBzmrXKUHpDJ4g83/D2v6DHQQdHXZkswoumMtOl
vW2+DmN3kMNtKvurwXp5iLlt94/kkgQVXRcQskNi568aM1E8auM+z0y8d14/9Hzw
bs1BFvdWTuLBEQ3Yju/nZKb/7ERk3wGp7uHLh9R2wqBb0VXjUhxyKdfRBoolIXqS
yUVUgyax6VxDOS6cCD5+xzcwQImi3WGfflHBYi4/wC5NFkHzjMIsu1Sgr66QKmBa
q5uw0tmBWPqzrfgGtR0PT2638Q6BbfDw5VrorID7bQ7gSD95xSzqiAUvyHYOPuJy
5Zp1bh7UMWQr+RxVrvaC2d6NT6PRo9M5e8PT2DuD7X+zhYpYWI44bFr6t7oezyUy
aX/JbUrc+Nqr5yYGQZBhDXl1UXkwt+/DgIZdxsVosAHzgx7j6as=
=KrND
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1277-1] audacity security update
Next by Date: [SECURITY] [DLA 1279-1] clamav security update
Previous by thread: [SECURITY] [DLA 1277-1] audacity security update
Next by thread: [SECURITY] [DLA 1279-1] clamav security update
Index(es):
- Date
- Thread