~ubuntu-branches/ubuntu/saucy/librsvg/saucy-security

Viewing all changes in revision 60.

Committer: Package Import Robot
Author(s): Marc Deslauriers
Date: 2014-03-14 08:52:45 UTC
Revision ID: package-import@ubuntu.com-20140314085245-yl8vh6kvqxbem27p

Tags: 2.36.4-2ubuntu0.1

* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
  (XXE) issue.
  - debian/patches/CVE-2013-1881.patch: implement stricter policy in
    rsvg-base.c, rsvg-css.c, rsvg-io.c, rsvg-private.h.
  - CVE-2013-1881

files added:
.pc/CVE-2013-1881.patch

.pc/CVE-2013-1881.patch/rsvg-base.c

.pc/CVE-2013-1881.patch/rsvg-css.c

.pc/CVE-2013-1881.patch/rsvg-io.c

.pc/CVE-2013-1881.patch/rsvg-private.h

debian/patches/CVE-2013-1881.patch

files modified:
.pc/applied-patches

debian/changelog

debian/control

debian/control.in

debian/patches/series

rsvg-base.c

rsvg-css.c

rsvg-io.c

rsvg-private.h

expand all

Show diffs side-by-side

added added

removed removed

.pc/CVE-2013-1881.patch/

.pc/CVE-2013-1881.patch/rsvg-base.c

.pc/CVE-2013-1881.patch/rsvg-css.c

.pc/CVE-2013-1881.patch/rsvg-io.c

.pc/CVE-2013-1881.patch/rsvg-private.h

debian/patches/CVE-2013-1881.patch

debian/patches/series

Older »