Security update for librsvg SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1333-1 Final 1 1 2016-05-18T09:10:44Z current 2016-05-18T09:10:44Z 2016-05-18T09:10:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for librsvg This librsvg update to version 2.40.15 fixes the following issues: Security issues fixed: - CVE-2016-4348: DoS parsing SVGs with circular definitions _rsvg_css_normalize_font_size() function (boo#977986) Bugs fixed: - Actually scale the image if required, regression fix from upstream git (bgo#760262). - Fixed bgo#759084: Don't crash when filters don't actually exist. - Updated our autogen.sh to use modern autotools. - Fixed bgo#761728: Memory leak in the PrimitiveComponentTransfer filter. - Added basic support for the 'baseline-shift' attribute in text objects (bgo#340047). - Fixed some duplicate logic when rendering paths (bgo#749415). - Rewrote the markers engine (bgo#685906, bgo#760180). - Refactoring of the test harness to use Glib's gtest infrastructure, instead of using home-grown machinery. Tests can simply be put as SVG files in the tests/subdirectories; it is not necessary to list them explicitly in some text file. - Gzipped SVGs now work if read from streams. - References to objects/filters/URIs/etc. are now handled lazily. Also, there is a general-purpose cycle detector so malformed SVGs don't cause infinite loops. - Removed parsing of Adobe blend modes; they were not implemented, anyway. - Add project files for building on Visual Studio (bgo#753555). - Added an '--export-id' option to rsvg-convert(1). This lets you select a single object to export, for example, to pick out a group from a multi-part drawing. Note that this is mostly useful for PNG output right now; for SVG output we don't preserve many attributes which could be useful in the extracted version. Doing this properly requires an internal 'output to SVG' backend instead of just telling Cairo to render to SVG. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html E-Mail link for openSUSE-SU-2016:1333-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 gdk-pixbuf-loader-rsvg-2.40.15-7.1 gdk-pixbuf-loader-rsvg-32bit-2.40.15-7.1 librsvg-2.40.15-7.1 librsvg-2-2-2.40.15-7.1 librsvg-2-2-32bit-2.40.15-7.1 librsvg-devel-2.40.15-7.1 rsvg-view-2.40.15-7.1 typelib-1_0-Rsvg-2_0-2.40.15-7.1 gdk-pixbuf-loader-rsvg-2.40.15-7.1 as a component of openSUSE Leap 42.1 gdk-pixbuf-loader-rsvg-32bit-2.40.15-7.1 as a component of openSUSE Leap 42.1 librsvg-2.40.15-7.1 as a component of openSUSE Leap 42.1 librsvg-2-2-2.40.15-7.1 as a component of openSUSE Leap 42.1 librsvg-2-2-32bit-2.40.15-7.1 as a component of openSUSE Leap 42.1 librsvg-devel-2.40.15-7.1 as a component of openSUSE Leap 42.1 rsvg-view-2.40.15-7.1 as a component of openSUSE Leap 42.1 typelib-1_0-Rsvg-2_0-2.40.15-7.1 as a component of openSUSE Leap 42.1 The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document. CVE-2016-4348 openSUSE Leap 42.1:gdk-pixbuf-loader-rsvg-2.40.15-7.1 openSUSE Leap 42.1:gdk-pixbuf-loader-rsvg-32bit-2.40.15-7.1 openSUSE Leap 42.1:librsvg-2-2-2.40.15-7.1 openSUSE Leap 42.1:librsvg-2-2-32bit-2.40.15-7.1 openSUSE Leap 42.1:librsvg-2.40.15-7.1 openSUSE Leap 42.1:librsvg-devel-2.40.15-7.1 openSUSE Leap 42.1:rsvg-view-2.40.15-7.1 openSUSE Leap 42.1:typelib-1_0-Rsvg-2_0-2.40.15-7.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html https://www.suse.com/security/cve/CVE-2016-4348.html CVE-2016-4348 https://bugzilla.suse.com/977986 SUSE Bug 977986