Updated librsvg packages fix security vulnerabilities
Publication date: 08 Mar 2015Type: security
Affected Mageia releases : 4
Description
Atte Kettunen's fuzz testing found several vulnerabilities in librsvg: - Invalid memory access caused by incorrect handling of a pattern paint server with an xlink:href to a unexpected type (bgo#744299) - Infinite loop in the handling of gradients (bgo#738169) - Heap-buffer-overflow when there's a missing point in a point-list (bgo#738050) - Out of bounds memory access when clipping (bgo#703102) - Integer overflow in the convolution matrix filter code (commit 53c50c) - Fix double g_free() when processing stroke-dasharray (bgo#744688)
References
- https://bugs.mageia.org/show_bug.cgi?id=15303
- https://bugzilla.gnome.org/show_bug.cgi?id=744299
- https://bugzilla.gnome.org/show_bug.cgi?id=738169
- https://bugzilla.gnome.org/show_bug.cgi?id=738050
- https://bugzilla.gnome.org/show_bug.cgi?id=703102
- https://bugzilla.gnome.org/show_bug.cgi?id=744299
- https://git.gnome.org/browse/librsvg/commit/?id=53c50caecc970aef91cf8e3f1fde919f848d6f0c
SRPMS
4/core
- librsvg-2.39.0-1.2.mga4