Описание
Security update for librsvg
This update for librsvg fixes the following issues:
- librsvg was updated to 2.42.9:
- Update dependent crates that had security vulnerabilities: smallvec to 0.6.14 - RUSTSEC-2018-0003 - CVE-2018-20991 (bsc#1148293) -the bundled version of the cssparser crate now builds correctly on Rust 1.43 (bsc#1181571).
Список пакетов
Image SLES15-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
librsvg-2-2-2.42.9-3.6.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
librsvg-2-2-2.42.9-3.6.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
librsvg-2-2-2.42.9-3.6.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
librsvg-2-2-2.42.9-3.6.1
SUSE Linux Enterprise Module for Package Hub 15 SP2
rsvg-view-2.42.9-3.6.1
Ссылки
- Link for SUSE-SU-2021:1310-1
- E-Mail link for SUSE-SU-2021:1310-1
- SUSE Security Ratings
- SUSE Bug 1148293
- SUSE Bug 1181571
- SUSE CVE CVE-2018-20991 page
Описание
An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
Image SLES15-SAP-Azure-LI-BYOS-Production:librsvg-2-2-2.42.9-3.6.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:gdk-pixbuf-loader-rsvg-2.42.9-3.6.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:librsvg-2-2-2.42.9-3.6.1
Ссылки
- CVE-2018-20991
- SUSE Bug 1148293