inkscape source package in Ubuntu


inkscape ( precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.patch: disable loading external entities
      in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp,
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.patch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:39:18 -0500

Marc Deslauriers on 2013-01-29
Ubuntu Developers
Low Urgency

Precise updates on 2013-01-30 main graphics
Precise security on 2013-01-30 main graphics


File Size SHA-256 Checksum
inkscape_0.48.3.1.orig.tar.gz 25.2 MiB b4009e0962443d2558123f23de75ca0e9bd561aba00889361edfe04289248493
inkscape_0.48.3.1-1ubuntu1.1.diff.gz 26.6 KiB 3921b211fc2adbfeba39d3939ffe2b940e731f64df5a3261f27e56b1a1431393
inkscape_0.48.3.1-1ubuntu1.1.dsc 2.4 KiB 1a4d6ec2e1087ea0c5a58ce14ee4710304b8713e9de40bf62c67c5ebb879d782

inkscape: vector-based drawing program

 Inkscape loads and saves a subset of the SVG (Scalable Vector Graphics)
 format, a standard maintained by the WWW consortium.
 Inkscape user interface should be familiar from CorelDraw and similar
 drawing programs. There are rectangles, ellipses, text items, bitmap
 images and freehand curves.
 As an added bonus, both vector and bitmap objects can have alpha
 transparency and can be arbitrarily transformed.
 Inkscape supports multiple opened files and multiple views per file.
 Graphics can be printed and exported to png bitmaps.
 Some of the import and export features are provided using the packages
 dia, libwmf-bin, pstoedit, skencil, imagemagick, and perlmagick.
 Other extensions use ruby, libxml-xql-perl, python-numpy, and python-lxml.
 You must have these packages to make full use of all extensions and effects.
 If you want to use the spellchecker, you have to install aspell and the
 respective language-pack, e.g. aspell-en or aspell-de.