Package "librsvg"

Name:	librsvg
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: command-line utility to convert SVG files
Latest version:	2.48.9-1ubuntu0.20.04.4
Release:	focal (20.04)
Level:	security
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "librsvg" in Focal

Repository	Area	Version
base	main	2.48.2-1
base	universe	2.48.2-1
security	main	2.48.9-1ubuntu0.20.04.4
updates	main	2.48.9-1ubuntu0.20.04.4
updates	universe	2.48.9-1ubuntu0.20.04.4

Packages in group

Deleted packages are displayed in grey.

librsvg2-bin

Changelog

Version: 2.48.9-1ubuntu0.20.04.4 2023-08-02 08:07:14 UTC

librsvg (2.48.9-1ubuntu0.20.04.4) focal-security; urgency=medium * SECURITY UPDATE: Arbitrary file read when xinclude href has special characters - debian/patches/CVE-2023-38633.patch: validate URLs in librsvg/rsvg-handle.c, rsvg_internals/src/allowed_url.rs, rsvg_internals/src/filters/component_transfer.rs, tests/*. - debian/patches/fix_old_rust_compat.patch: fix compatibility with older rust versions in rsvg_internals/src/allowed_url.rs. - CVE-2023-38633 * Don't fail the build on tests error for i386 -- Marc Deslauriers <email address hidden> Fri, 28 Jul 2023 08:56:58 -0400

CVE-2023-38633

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local

About - Send Feedback to @ubuntu_updates

Package "librsvg"

Links

Other versions of "librsvg" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates