Описание
Security update for librsvg
This update for librsvg fixes the following issues:
- librsvg was updated to 2.46.5:
- Update dependent crates that had security vulnerabilities: smallvec to 0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900 (bsc#1183403)
Список пакетов
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
librsvg-2-2-2.46.5-3.3.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
librsvg-2-2-2.46.5-3.3.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
librsvg-2-2-2.46.5-3.3.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
librsvg-2-2-2.46.5-3.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
librsvg-2-2-2.46.5-3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
librsvg-devel-2.46.5-3.3.1
typelib-1_0-Rsvg-2_0-2.46.5-3.3.1
Ссылки
- Link for SUSE-SU-2021:1408-1
- E-Mail link for SUSE-SU-2021:1408-1
- SUSE Security Ratings
- SUSE Bug 1183403
- SUSE CVE CVE-2021-25900 page
Описание
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:librsvg-2-2-2.46.5-3.3.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:gdk-pixbuf-loader-rsvg-2.46.5-3.3.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:librsvg-2-2-2.46.5-3.3.1
Ссылки
- CVE-2021-25900
- SUSE Bug 1183403