Ubuntu

“inkscape” 0.48.3.1-1ubuntu1.1 source package in The Precise Pangolin

Publishing history

0.48.3.1-1ubuntu1.1
PUBLISHED: Precise pocket Updates in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.48.3.1-1ubuntu1.1
PUBLISHED: Precise pocket Security in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu precise in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

inkscape (0.48.3.1-1ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.patch: disable loading external entities
      in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp,
      src/xml/repr-io.cpp.
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.patch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:39:18 -0500