Mageia 2020-0159: librsvg security update

    Date 05 Apr 2020
    587
    Posted By LinuxSecurity Advisories
    The updated packages fix a security vulnerability: In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number
    MGASA-2020-0159 - Updated librsvg packages fix security vulnerability
    
    Publication date: 05 Apr 2020
    URL: https://advisories.mageia.org/MGASA-2020-0159.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2019-20446
    
    The updated packages fix a security vulnerability:
    
    In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested
    patterns can cause denial of service when passed to the library for
    processing. The attacker constructs pattern elements so that the number
    of final rendered objects grows exponentially. (CVE-2019-20446)
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26313
    - https://lists.suse.com/pipermail/sle-security-updates/2020-March/006583.html
    - https://lists.opensuse.org/opensuse-updates/2020-03/msg00080.html
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20446
    
    SRPMS:
    - 7/core/librsvg-2.45.5-3.1.mga7
    

    LinuxSecurity Poll

    Do you agree with the use of facial recognition technology?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/27-do-you-agree-with-the-use-of-facial-recognition-technology?task=poll.vote&format=json
    27
    radio
    [{"id":"97","title":"Yes","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"98","title":"In certain cases","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"99","title":"Never","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.