Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu: USN-1206-1 Moderate: Librsvg Security Issue Remote Access

Calendar Sep 13, 2011 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory security issue software update remote access Ubuntu image rendering librsvg
SVG image rendering library has had flaws fixed. 
=========================================================================Ubuntu Security Notice USN-1206-1
September 13, 2011

librsvg vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

SVG image rendering library has had flaws fixed.

Software Description:
- librsvg: Rendering library for SVG files

Details:

Sauli Pahlman discovered that librsvg did not correctly handle malformed
filter names. If a user or automated system were tricked into processing a
specially crafted SVG image, a remote attacker could gain user privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
  librsvg2-2                      2.32.1-0ubuntu3.1
  librsvg2-bin                    2.32.1-0ubuntu3.1
  librsvg2-common                 2.32.1-0ubuntu3.1
  librsvg2-dev                    2.32.1-0ubuntu3.1

Ubuntu 10.10:
  librsvg2-2                      2.32.0-0ubuntu1.1
  librsvg2-bin                    2.32.0-0ubuntu1.1
  librsvg2-common                 2.32.0-0ubuntu1.1
  librsvg2-dev                    2.32.0-0ubuntu1.1

Ubuntu 10.04 LTS:
  librsvg2-2                      2.26.3-0ubuntu1.1
  librsvg2-bin                    2.26.3-0ubuntu1.1
  librsvg2-common                 2.26.3-0ubuntu1.1
  librsvg2-dev                    2.26.3-0ubuntu1.1

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  
  CVE-2011-3146

Package Information:
  https://launchpad.net/ubuntu/+source/librsvg/2.32.1-0ubuntu3.1
  https://launchpad.net/ubuntu/+source/librsvg/2.32.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/librsvg/2.26.3-0ubuntu1.1

Ubuntu: USN-1206-1 Moderate: Librsvg Security Issue Remote Access

ubuntu
Calendar Grey September 13, 2011
Dist Ubuntu Esm H88
Examine the latest librsvg security flaw impacting several Ubuntu versions and follow the provided guidelines for updates.
SVG image rendering library has had flaws fixed.

Summary

Topics%20covered

Topics Covered

security advisory security issue software update remote access Ubuntu image rendering librsvg

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: librsvg2-2 2.32.1-0ubuntu3.1 librsvg2-bin 2.32.1-0ubuntu3.1 librsvg2-common 2.32.1-0ubuntu3.1 librsvg2-dev 2.32.1-0ubuntu3.1 Ubuntu 10.10: librsvg2-2 2.32.0-0ubuntu1.1 librsvg2-bin 2.32.0-0ubuntu1.1 librsvg2-common 2.32.0-0ubuntu1.1 librsvg2-dev 2.32.0-0ubuntu1.1 Ubuntu 10.04 LTS: librsvg2-2 2.26.3-0ubuntu1.1 librsvg2-bin 2.26.3-0ubuntu1.1 librsvg2-common 2.26.3-0ubuntu1.1 librsvg2-dev 2.26.3-0ubuntu1.1 After a standard system update you need to restart your session to make all the necessary changes.

References

CVE-2011-3146

September 13, 2011

Topics%20covered

Topics Covered

security advisory security issue software update remote access Ubuntu image rendering librsvg

Package Information

https://launchpad.net/ubuntu/+source/librsvg/2.32.1-0ubuntu3.1 https://launchpad.net/ubuntu/+source/librsvg/2.32.0-0ubuntu1.1 https://launchpad.net/ubuntu/+source/librsvg/2.26.3-0ubuntu1.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here