Advisories » MGASA-2015-0100

Updated librsvg packages fix security vulnerabilities

Publication date: 08 Mar 2015
Modification date: 08 Mar 2015
Type: security
Affected Mageia releases: 4

Description

Atte Kettunen's fuzz testing found several vulnerabilities in librsvg:
- Invalid memory access caused by incorrect handling of a pattern paint
  server with an xlink:href to an unexpected type (bgo#744299)
- Infinite loop in the handling of gradients (bgo#738169)
- Heap-buffer-overflow when there's a missing point in a point-list
  (bgo#738050)
- Out of bounds memory access when clipping (bgo#703102)
- Integer overflow in the convolution matrix filter code (commit 53c50c)
- Double g_free() when processing stroke-dasharray (bgo#744688)

References

SRPMS

4/core