Advisories ยป MGASA-2016-0021

Updated librsvg packages fix security vulnerability

Publication date: 15 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-7557 , CVE-2015-7558


Out-of-bounds heap read in librsvg2 was found when parsing SVG file

Stack exhaustion due to cyclic dependency causing to crash an application
was found in librsvg2 while parsing SVG file (CVE-2015-7558).

The librsvg package has been updated to version 2.40.13, fixing these
issues and several other bugs.  See the upstream NEWS file for details.