Ubuntu

“inkscape” 0.48.3.1-1ubuntu6.1 source package in The Quantal Quetzal

Publishing history

0.48.3.1-1ubuntu6.1
PUBLISHED: Quantal pocket Updates in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.48.3.1-1ubuntu6.1
PUBLISHED: Quantal pocket Security in component main and section graphics
  • Published on 2013-01-30
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

inkscape (0.48.3.1-1ubuntu6.1) quantal-security; urgency=low

  * SECURITY UPDATE: arbitrary file disclosure via XML external entity
    - debian/patches/CVE-2012-5656.patch: disable loading external entities
      in src/preferences-skeleton.h, src/ui/dialog/ocaldialogs.cpp,
      src/xml/repr-io.cpp.
    - CVE-2012-5656
  * SECURITY UPDATE: possible file loading from /tmp
    - debian/patches/CVE-2012-6076.patch: make sure filename is absolute
      in src/extension/implementation/script.cpp.
    - CVE-2012-6076
 -- Marc Deslauriers <email address hidden>   Tue, 29 Jan 2013 13:31:57 -0500