[ubuntu/mantic-proposed] librsvg 2.54.5+dfsg-1ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri Jul 28 15:31:14 UTC 2023
librsvg (2.54.5+dfsg-1ubuntu4) mantic; urgency=medium
* SECURITY UPDATE: Arbitrary file read when xinclude href has special
characters
- debian/patches/CVE-2023-38633.patch: validate URLs in
include/librsvg/rsvg.h, src/error.rs, src/lib.rs,
src/url_resolver.rs, tests/*.
- CVE-2023-38633
Date: Fri, 28 Jul 2023 08:48:51 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/librsvg/2.54.5+dfsg-1ubuntu4
-------------- next part --------------
Format: 1.8
Date: Fri, 28 Jul 2023 08:48:51 -0400
Source: librsvg
Built-For-Profiles: noudeb
Architecture: source
Version: 2.54.5+dfsg-1ubuntu4
Distribution: mantic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
librsvg (2.54.5+dfsg-1ubuntu4) mantic; urgency=medium
.
* SECURITY UPDATE: Arbitrary file read when xinclude href has special
characters
- debian/patches/CVE-2023-38633.patch: validate URLs in
include/librsvg/rsvg.h, src/error.rs, src/lib.rs,
src/url_resolver.rs, tests/*.
- CVE-2023-38633
Checksums-Sha1:
f5c09f4949925ff84f1256b6ec2ba761d18c529f 3068 librsvg_2.54.5+dfsg-1ubuntu4.dsc
88640a3a420171f67ecf9aaf15d11dccb1e49960 39244 librsvg_2.54.5+dfsg-1ubuntu4.debian.tar.xz
fd9efe63df43527335628f51d063659aaf338a78 13483 librsvg_2.54.5+dfsg-1ubuntu4_source.buildinfo
Checksums-Sha256:
3ee4e83d7ed0430cbb3378d8ec2ca32df4a92ea53d720d27e04553c419c49ce4 3068 librsvg_2.54.5+dfsg-1ubuntu4.dsc
904a502b4a88c6a4dc6d668f158f5b3567c605d7a7e6a9c058c66a80ebcc879c 39244 librsvg_2.54.5+dfsg-1ubuntu4.debian.tar.xz
754de6a6a3c1ceca6c20b3b4696aefaddf72930703b252d945062254f9f52339 13483 librsvg_2.54.5+dfsg-1ubuntu4_source.buildinfo
Files:
2d1d9dd11ca38d40e40d6ffb5df3e7a8 3068 libs optional librsvg_2.54.5+dfsg-1ubuntu4.dsc
42550d513fcdebdfae75d9f3a1cd91a1 39244 libs optional librsvg_2.54.5+dfsg-1ubuntu4.debian.tar.xz
3eeb5a47f4eef178d4bc47a96cb99473 13483 libs optional librsvg_2.54.5+dfsg-1ubuntu4_source.buildinfo
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
More information about the mantic-changes
mailing list