Copied from
ubuntu precise in
Private PPA for Ubuntu Security Team
by Marc Deslauriers
Changelog
librsvg (2.36.1-0ubuntu1.1) precise-security; urgency=medium
* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
(XXE) issue.
- debian/patches/CVE-2013-1881.patch: implement stricter policy in
rsvg-base.c, rsvg-css.c, rsvg-io.c, rsvg-private.h.
- debian/control*: added appropriate Breaks as this updates requires
a fix to also be added to gtk+3.0.
- CVE-2013-1881
-- Marc Deslauriers <email address hidden> Fri, 14 Mar 2014 08:57:18 -0400