drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in librsvg2
Name: |
Denial of Service in librsvg2 |
|
ID: |
FEDORA-2019-d7ef743ef0 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 28 |
|
Datum: |
Mi, 27. März 2019, 07:52 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
libRSVG |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2019-d7ef743ef0 2019-03-27 03:26:43.386615 ------------------------------------------------------------------------------- -
Name : librsvg2 Product : Fedora 28 Version : 2.42.7 Release : 2.fc28 URL : https://wiki.gnome.org/Projects/LibRsvg Summary : An SVG library based on cairo Description : An SVG library based on cairo.
------------------------------------------------------------------------------- - Update Information:
librsvg 2.42.7 release. - Fix a denial-of-service condition from exponential explosion of rendered elements, through nested use of SVG "use" elements in malicious SVGs. This is similar to the XML "billion laughs attack" but for SVG instancing. ------------------------------------------------------------------------------- - ChangeLog:
* Mon Feb 18 2019 Kalev Lember <klember@redhat.com> - 2.42.7-2 - Rebuild * Tue Sep 4 2018 Kalev Lember <klember@redhat.com> - 2.42.7-1 - Update to 2.42.7 * Wed Aug 8 2018 Kalev Lember <klember@redhat.com> - 2.42.6-1 - Update to 2.42.6 - Use bundled rust deps ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-d7ef743ef0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|