Package "inkscape"

Name:	inkscape
Description:	vector-based drawing program
Latest version:	0.48.3.1-1ubuntu1.1
Release:	precise (12.04)
Level:	updates
Repository:	main
Homepage:	http://www.inkscape.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "inkscape"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "inkscape" in Precise

Repository	Area	Version
base	main	0.48.3.1-1ubuntu1
security	main	0.48.3.1-1ubuntu1.1

Changelog

Version: 0.48.3.1-1ubuntu1.1 2013-01-30 17:07:04 UTC

inkscape (0.48.3.1-1ubuntu1.1) precise-security; urgency=low * SECURITY UPDATE: arbitrary file disclosure via XML external entity - debian/patches/CVE-2012-5656.patch: disable loading external entities in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp, src/xml/repr-io.cpp. - CVE-2012-5656 * SECURITY UPDATE: possible file loading from /tmp - debian/patches/CVE-2012-6076.patch: make sure filename is absolute in src/extension/implementation/script.cpp. - CVE-2012-6076 -- Marc Deslauriers <email address hidden> Tue, 29 Jan 2013 13:39:18 -0500

CVE-2012-5656	The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML exter
CVE-2012-6076	inkscape reads .eps files from /tmp instead of the current directory

About - Send Feedback to @ubuntu_updates

Package "inkscape"

Links

Download "inkscape"

Other versions of "inkscape" in Precise

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates