MDVSA-2014:009 -- Mandriva librsvgID: oval:org.secpod.oval:def:1300266 | Date: (C)2014-01-24 (M)2022-10-10 |
Class: PATCH | Family: unix |
Updated librsvg and gtk+3.0 packages fix security vulnerability: librsvg before version 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference . For Business Server 1 gtk+3.0 has been patched to cope with the changes in SVG loading due to the fix in librsvg.
Platform: |
Mandriva Enterprise Server 5.2 |