Paketname
librsvg
Datum
2014-01-17
Advisory ID
MDVSA-2014:009
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Updated librsvg and gtk+3.0 packages fix security vulnerability:

librsvg before version 2.39.0 allows remote attackers to read arbitrary
files via an XML document containing an external entity declaration
in conjunction with an entity reference (CVE-2013-1881).

For Business Server 1 gtk+3.0 has been patched to cope with the
changes in SVG loading due to the fix in librsvg.

Aktualisierte Pakete

MES5 i586

 37113a420ba5a53100cf39b3f605e77e  mes5/i586/librsvg2_2-2.22.3-1.1mdvmes5.2.i586.rpm
 a4555e9908e85e425275df23d3edc0e0  mes5/i586/librsvg-2.22.3-1.1mdvmes5.2.i586.rpm
 037dd79c6e4ca583d8631b2e846ae45e  mes5/i586/librsvg2-devel-2.22.3-1.1mdvmes5.2.i586.rpm 
 f7850fb1281aee8ad878b58d7da97d94  mes5/SRPMS/librsvg-2.22.3-1.1mdvmes5.2.src.rpm

MBS1 x86_64

 44b763852521caf2ee1bd1ced98d671d  mbs1/x86_64/gtk+3.0-3.4.1-3.1.mbs1.x86_64.rpm
 a789904da15e8993987ad3840f6be197  mbs1/x86_64/lib64gail3_0-3.4.1-3.1.mbs1.x86_64.rpm
 e271bfbcc262565eae856c3b8d576875  mbs1/x86_64/lib64gail3.0-devel-3.4.1-3.1.mbs1.x86_64.rpm
 cc7dc71ae837280c280f1a2e49a18f07  mbs1/x86_64/lib64gtk+3_0-3.4.1-3.1.mbs1.x86_64.rpm
 eea69dd8f52d83811571c345a6fbca15  mbs1/x86_64/lib64gtk+3.0-devel-3.4.1-3.1.mbs1.x86_64.rpm
 41561e7183e4df127530943708b09e18  mbs1/x86_64/lib64gtk-gir3.0-3.4.1-3.1.mbs1.x86_64.rpm
 5689ab1dd054219f87730ae0be62a930  mbs1/x86_64/lib64rsvg2_2-2.36.0-2.1.mbs1.x86_64.rpm
 650ae722b83bdd14c90a105e4d79a3d4  mbs1/x86_64/lib64rsvg2-devel-2.36.0-2.1.mbs1.x86_64.rpm
 6cdf67c0e74d4120b0b4759e3550d4e8  mbs1/x86_64/lib64rsvg-gir2.0-2.36.0-2.1.mbs1.x86_64.rpm
 feb51a155113502b3e3eb622eb81147d  mbs1/x86_64/librsvg-2.36.0-2.1.mbs1.x86_64.rpm 
 b65bbf46a938e2388891c5a053fea790  mbs1/SRPMS/gtk+3.0-3.4.1-3.1.mbs1.src.rpm
 e3e0e27f4876607098a40ac9bae9e87a  mbs1/SRPMS/librsvg-2.36.0-2.1.mbs1.src.rpm

MES5 x86_64

 b0506f0fdf820aa4e832e119dd8521bc  mes5/x86_64/lib64rsvg2_2-2.22.3-1.1mdvmes5.2.x86_64.rpm
 13fe6bdc8aeb3705036b86e1de5e20ba  mes5/x86_64/lib64rsvg2-devel-2.22.3-1.1mdvmes5.2.x86_64.rpm
 5f768d5b0f0641fb2bcbc822f0467bbd  mes5/x86_64/librsvg-2.22.3-1.1mdvmes5.2.x86_64.rpm 
 f7850fb1281aee8ad878b58d7da97d94  mes5/SRPMS/librsvg-2.22.3-1.1mdvmes5.2.src.rpm

Referenzen