SUSE-SU-2015:1785-1

Опубликовано: 12 окт. 2015

Источник: suse-cvrf

Описание

Security update for librsvg

librsvg was updated to fix one security issue.

This security issue was fixed:

CVE-2013-1881: GNOME libsvg allowed remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue (bsc#840753).

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Desktop 11 SP4

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Server 11 SP3

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

librsvg-x86-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Server 11 SP3-TERADATA

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

librsvg-x86-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Server 11 SP4

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

librsvg-x86-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Server for SAP Applications 11 SP3

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

librsvg-x86-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

librsvg-2.26.0-2.5.1

librsvg-32bit-2.26.0-2.5.1

librsvg-x86-2.26.0-2.5.1

rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Software Development Kit 11 SP3

librsvg-devel-2.26.0-2.5.1

SUSE Linux Enterprise Software Development Kit 11 SP4

librsvg-devel-2.26.0-2.5.1

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20151785-1/
Link for SUSE-SU-2015:1785-1
https://lists.suse.com/pipermail/sle-security-updates/2015-October/001637.html
E-Mail link for SUSE-SU-2015:1785-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/840753
SUSE Bug 840753
https://www.suse.com/security/cve/CVE-2013-1881/
SUSE CVE CVE-2013-1881 page

Описание

GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Затронутые продукты

SUSE Linux Enterprise Desktop 11 SP3:librsvg-2.26.0-2.5.1

SUSE Linux Enterprise Desktop 11 SP3:librsvg-32bit-2.26.0-2.5.1

SUSE Linux Enterprise Desktop 11 SP3:rsvg-view-2.26.0-2.5.1

SUSE Linux Enterprise Desktop 11 SP4:librsvg-2.26.0-2.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2013-1881.html
CVE-2013-1881
https://bugzilla.suse.com/840753
SUSE Bug 840753

SUSE-SU-2015:1785-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 11 SP3

SUSE Linux Enterprise Desktop 11 SP4

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP3

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP3

SUSE Linux Enterprise Software Development Kit 11 SP4

Ссылки

Уязвимость: CVE-2013-1881

Описание

Затронутые продукты

Ссылки