Описание
ELSA-2011-1289: librsvg2 security update (MODERATE)
[2.26.0-5.el6_1.1]
- Store node type separately in RsvgNode (CVE-2011-3146) Resolves: #735266
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
librsvg2
2.26.0-5.el6_1.1
librsvg2-devel
2.26.0-5.el6_1.1
Oracle Linux i686
librsvg2
2.26.0-5.el6_1.1
librsvg2-devel
2.26.0-5.el6_1.1
Связанные CVE
Связанные уязвимости
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
librsvg before 2.34.1 uses the node name to identify the type of node, ...
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.