Advisories » MGASA-2018-0297

Updated librsvg packages fix a security vulnerability

Publication date: 24 Jun 2018
Modification date: 24 Jun 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2018-1000041

Description

Updated librsvg package fixes security vulnerability:

It was discovered that there was an input validation vulnerability in the 
librsvg renderer library that could result in data being leaked to remote 
attackers via a specially-crafted file (CVE-2018-1000041).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23206
• https://lists.opensuse.org/opensuse-updates/2018-05/msg00045.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000041

SRPMS

5/core

• librsvg-2.40.18-1.1.mga5