1
Candidate: CVE-2015-7558
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7558
6
librsvg before 2.40.12 allows context-dependent attackers to cause a denial
7
of service (infinite loop, stack consumption, and application crash) via
8
cyclic references in an SVG document.
11
mdeslaur> intrusive backport
13
https://bugzilla.redhat.com/show_bug.cgi?id=1268243
15
Discovered-by: Gustavo Grieco
19
upstream: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61
20
upstream_librsvg: released (2.40.12)
21
precise_librsvg: ignored (reached end-of-life)
22
precise/esm_librsvg: DNE (precise was needed)
23
trusty_librsvg: needed
24
vivid_librsvg: ignored (reached end-of-life)
25
vivid/stable-phone-overlay_librsvg: ignored (reached end-of-life)
26
vivid/ubuntu-core_librsvg: DNE
27
wily_librsvg: ignored (reached end-of-life)
28
xenial_librsvg: not-affected (2.40.13-1)
29
yakkety_librsvg: not-affected (2.40.13-1)
30
zesty_librsvg: not-affected (2.40.13-1)
31
artful_librsvg: not-affected (2.40.13-1)
32
bionic_librsvg: not-affected (2.40.13-1)
33
devel_librsvg: not-affected (2.40.13-1)