inkscape source package in Ubuntu


inkscape ( precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.patch: disable loading external entities
      in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp,
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.patch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:39:18 -0500

Marc Deslauriers on 2013-01-29
Ubuntu Developers
Precise updates on 2013-01-30 main graphics
Precise security on 2013-01-30 main graphics


inkscape_0.48.3.1.orig.tar.gz 25.2 MiB ccf8ccd9e66199badb8c35ea3851a888
inkscape_0.48.3.1-1ubuntu1.1.diff.gz 26.6 KiB 2b5ec0e8dc1b856aa756893722403102
inkscape_0.48.3.1-1ubuntu1.1.dsc 2.4 KiB f0fe05752d3a9bb299007f5aa053d0ca

inkscape: vector-based drawing program

 Inkscape loads and saves a subset of the SVG (Scalable Vector Graphics)
 format, a standard maintained by the WWW consortium.
 Inkscape user interface should be familiar from CorelDraw and similar
 drawing programs. There are rectangles, ellipses, text items, bitmap
 images and freehand curves.
 As an added bonus, both vector and bitmap objects can have alpha
 transparency and can be arbitrarily transformed.
 Inkscape supports multiple opened files and multiple views per file.
 Graphics can be printed and exported to png bitmaps.
 Some of the import and export features are provided using the packages
 dia, libwmf-bin, pstoedit, skencil, imagemagick, and perlmagick.
 Other extensions use ruby, libxml-xql-perl, python-numpy, and python-lxml.
 You must have these packages to make full use of all extensions and effects.
 If you want to use the spellchecker, you have to install aspell and the
 respective language-pack, e.g. aspell-en or aspell-de.