Ubuntu

“inkscape” 0.48.2-0ubuntu1.1 source package in The Oneiric Ocelot

Publishing history

0.48.2-0ubuntu1.1
PUBLISHED: Oneiric pocket Updates in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.48.2-0ubuntu1.1
PUBLISHED: Oneiric pocket Security in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

inkscape (0.48.2-0ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.dpatch: disable loading external
      entities in src/preferences-skeleton.h,
      src/ui/dialog/ocaldialogs.cpp, src/xml/repr-io.cpp.
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.dpatch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:40:53 -0500