Mageia 7: MGASA-2021-0234 Moderate: Update for librsvg Double Free

mageia

June 8, 2021

This update patches the vendored `smallvec` Rust crate in librsvg to fix a security vulnerability: The Iterator implementation mishandles destructors, leading to a double free (CV...

Summary

This update patches the vendored `smallvec` Rust crate in librsvg to fix a security vulnerability:
The Iterator implementation mishandles destructors, leading to a double free (CVE-2021-25900).

References

- https://bugs.mageia.org/show_bug.cgi?id=29055

- https://github.com/servo/rust-smallvec/commit/5757ac500d4e544485d796b542e4e589749c291b

- https://www.cve.org/CVERecord?id=CVE-2021-25900

Topics Covered

security advisory software update medium severity double free librsvg mageia rust crate

Resolution

SRPMS

- 7/core/librsvg-2.45.5-3.2.mga7

Publication date: 08 Jun 2021

URL: https://advisories.mageia.org/MGASA-2021-0234.html

Type: security

CVE: CVE-2021-25900

Topics Covered

security advisory software update medium severity double free librsvg mageia rust crate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 7: MGASA-2021-0234 Moderate: Update for librsvg Double Free

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 7: MGASA-2021-0234 Moderate: Update for librsvg Double Free

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!