librsvg2-2.42.7-4.0.1.el8
エラータID: AXSA:2021-1255:01
Release date:
Tuesday, January 19, 2021 - 08:38
Subject:
librsvg2-2.42.7-4.0.1.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The librsvg2 packages provide a Scalable Vector Graphics (SVG) library based on the libart library.
Security Fix(es):
* librsvg: Resource exhaustion via crafted SVG file with nested patterns (CVE-2019-20446)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
Solution:
Update packages.
CVEs:
CVE-2019-20446
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
Additional Info:
N/A
Download:
SRPMS
- librsvg2-2.42.7-4.0.1.el8.src.rpm
MD5: 6007589d12232e4c208de26f5b422be0
SHA-256: 41fc429e230a9ff8c63e1ca04d4b63cb3c0931043796ee47e77fbf192ea12f81
Size: 9.52 MB
Asianux Server 8 for x86_64
- librsvg2-2.42.7-4.0.1.el8.x86_64.rpm
MD5: 78471a80eae07b3448f6c9e5524c380e
SHA-256: 8c0f75118e70bb5e8e452759f10a042dd319659563fdd40bdc42a3b1de507edd
Size: 562.46 kB - librsvg2-devel-2.42.7-4.0.1.el8.x86_64.rpm
MD5: d210d0be5c9d9ea835a3f8f94bb5c7e0
SHA-256: 1bed5217352bad54b05d33554fb66b7dc002d21097528976c1a7740a8f386906
Size: 54.38 kB - librsvg2-tools-2.42.7-4.0.1.el8.x86_64.rpm
MD5: ea5c6f1c8d6e7b91fb8c7e18e6b0c279
SHA-256: 9ee6e16bea9dc8f940cd736700746b59b1aed5abd415f3073f2f9bf8fe12aac1
Size: 41.59 kB - librsvg2-2.42.7-4.0.1.el8.i686.rpm
MD5: 143a47351b3a3edf25e0c9d568654ec1
SHA-256: 4a4ed3a6b4b1dd0e9ba97d9bd1c4e377304b2859cf62bbc9429a0e2134eb0105
Size: 579.67 kB - librsvg2-devel-2.42.7-4.0.1.el8.i686.rpm
MD5: c5a3064924c83a38a7a704dbb5f865a3
SHA-256: e73cdbc1f2bb7c3fb37256c970bf6a1a65372b0499149a0ee0d9e07ce61b7080
Size: 54.40 kB
日本語