Publishing details

Published on 2013-01-30
Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

inkscape (0.48.3.1-1ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.patch: disable loading external entities
      in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp,
      src/xml/repr-io.cpp.
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.patch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:39:18 -0500

Available diffs

diff from 0.48.3.1-1ubuntu1 (in Ubuntu) to 0.48.3.1-1ubuntu1.1 (2.2 KiB)

Builds

Built packages

inkscape vector-based drawing program

Package files

inkscape_0.48.3.1-1ubuntu1.1.diff.gz (26.6 KiB)
inkscape_0.48.3.1-1ubuntu1.1.dsc (2.4 KiB)
inkscape_0.48.3.1-1ubuntu1.1_amd64.deb (17.4 MiB)
inkscape_0.48.3.1-1ubuntu1.1_armel.deb (16.0 MiB)
inkscape_0.48.3.1-1ubuntu1.1_armhf.deb (15.9 MiB)
inkscape_0.48.3.1-1ubuntu1.1_i386.deb (17.3 MiB)
inkscape_0.48.3.1-1ubuntu1.1_powerpc.deb (17.6 MiB)
inkscape_0.48.3.1.orig.tar.gz (25.2 MiB)