From Mageia wiki
Jump to: navigation, search

MGASA-2013-0006

Date: January 14th, 2013
Affected releases: 2


Description:
Updated inkscape package fixes security vulnerability:

An XML eXternal Entity (XXE) flaw was found in the way Inkscape before
0.48.4 performed rasterization of certain SVG images. A remote attacker
could provide a specially-crafted SVG image that, when opened in inkscape
would lead to arbitrary local file disclosure or denial of service
(CVE-2012-5656).


Updated Packages:
inkscape-0.48.4-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5656
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095380.html
https://bugs.mageia.org/show_bug.cgi?id=8624

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2013-0006&oldid=13476"