Описание
Security update for librsvg
This update for librsvg fixes the following issues:
- librsvg was updated to 2.46.5:
- Update dependent crates that had security vulnerabilities: smallvec to 0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900 (bsc#1183403)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
gdk-pixbuf-loader-rsvg-2.46.5-lp152.2.3.1
gdk-pixbuf-loader-rsvg-32bit-2.46.5-lp152.2.3.1
librsvg-2-2-2.46.5-lp152.2.3.1
librsvg-2-2-32bit-2.46.5-lp152.2.3.1
librsvg-devel-2.46.5-lp152.2.3.1
librsvg-lang-2.46.5-lp152.2.3.1
rsvg-convert-2.46.5-lp152.2.3.1
rsvg-thumbnailer-2.46.5-lp152.2.3.1
typelib-1_0-Rsvg-2_0-2.46.5-lp152.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0634-1
- SUSE Security Ratings
- SUSE Bug 1183403
- SUSE CVE CVE-2021-25900 page
Описание
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
Затронутые продукты
openSUSE Leap 15.2:gdk-pixbuf-loader-rsvg-2.46.5-lp152.2.3.1
openSUSE Leap 15.2:gdk-pixbuf-loader-rsvg-32bit-2.46.5-lp152.2.3.1
openSUSE Leap 15.2:librsvg-2-2-2.46.5-lp152.2.3.1
openSUSE Leap 15.2:librsvg-2-2-32bit-2.46.5-lp152.2.3.1
Ссылки
- CVE-2021-25900
- SUSE Bug 1183403