drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Inkscape
Name: |
Ausführen beliebiger Kommandos in Inkscape |
|
ID: |
FEDORA-2012-20621 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 16 |
|
Datum: |
Sa, 5. Januar 2013, 08:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5656 |
|
Applikationen: |
Inkscape |
|
Originalnachricht |
Name : inkscape Product : Fedora 16 Version : 0.48.4 Release : 1.fc16 URL : http://inkscape.sourceforge.net/ Summary : Vector-based drawing program using SVG Description : Inkscape is a vector graphics editor, with capabilities similar to Illustrator, CorelDraw, or Xara X, using the W3C standard Scalable Vector Graphics (SVG) file format. It is therefore a very useful tool for web designers and as an interchange format for desktop publishing.
Inkscape supports many advanced SVG features (markers, clones, alpha blending, etc.) and great care is taken in designing a streamlined interface. It is very easy to edit nodes, perform complex path operations, trace bitmaps and much more.
------------------------------------------------------------------------------- - Update Information:
Fix XXE flaw, man page ownership. ------------------------------------------------------------------------------- - ChangeLog:
* Thu Dec 6 2012 Jon Ciesla <limburgher@gmail.com> - 0.48.3.1-4 - 0.48.4, fix XXE security flaw. - Correct man page ownership. * Thu Dec 6 2012 Jon Ciesla <limburgher@gmail.com> - 0.48.3.1-4 - Fix directory ownership, BZ 873817. - Fix previous changelog version. * Mon Nov 19 2012 Nils Philippsen <nils@redhat.com> - 0.48.3.1-3 - update sourceforge download URL * Thu Nov 1 2012 Jon Ciesla <limburgher@gmail.com> - 0.48.3.1-2 - Allow loading large XML, BZ 871012. * Fri Oct 5 2012 Jon Ciesla <limburgher@gmail.com> - 0.48.3.1-1 - Lastest upstream. * Thu Oct 4 2012 Jon Ciesla <limburgher@gmail.com> - 0.48.2-13 - Added dep on uniconvertor, BZ 796424. * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.48.2-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jul 9 2012 Petr Pisar <ppisar@redhat.com> - 0.48.2-11 - Perl 5.16 rebuild * Mon Jul 2 2012 Marek Kasik <mkasik@redhat.com> - 0.48.2-10 - Rebuild (poppler-0.20.1) * Wed Jun 27 2012 Petr Pisar <ppisar@redhat.com> - 0.48.2-9 - Perl 5.16 rebuild * Sat Jun 23 2012 Rex Dieter <rdieter@fedoraproject.org> - 0.48.2-8 - fix icon/desktop-file scriptlets (#739375) - drop .desktop vendor (f18+) - inkscape doesn't build with poppler-0.20.0 (#822413) * Fri Jun 15 2012 Petr Pisar <ppisar@redhat.com> - 0.48.2-7 - Perl 5.16 rebuild * Mon Jun 11 2012 Adel Gadllah <adel.gadllah@gmail.com> - 0.48.2-6 - Rebuild for new poppler * Wed Apr 11 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 0.48.2-5 - Rebuild for ImageMagik * Thu Mar 8 2012 Daniel Drake <dsd@laptop.org> - 0.48.2-4 - Fix build with GCC 4.7 * Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.48.2-3 - Rebuilt for c++ ABI breakage * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.48.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Nov 15 2011 German Ruiz <germanrs@fedoraproject.org> - 0.48.2-1 - New upstream version - Fix glib include compile problem - Fix compilation against libpng-1.5 * Fri Oct 28 2011 Rex Dieter <rdieter@fedoraproject.org> - 0.48.1-10 - rebuild(poppler) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #888249 - CVE-2012-5656 inkscape: XXE via SVG rasterization https://bugzilla.redhat.com/show_bug.cgi?id=888249 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update inkscape' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|