MGASA-2021-0149 - Updated python-cairosvg packages fix security vulnerability

Publication date: 21 Mar 2021
Type: security
Affected Mageia releases: 7
CVE: CVE-2021-21236

When processing SVG files, the python package CairoSVG uses two regular
expressions which are vulnerable to Regular Expression Denial of Service
(REDoS). If an attacker provides a malicious SVG, it can make cairosvg
get stuck processing the file for a very long time (CVE-2021-21236).


- 7/core/python-cairosvg-2.2.1-1.1.mga7