-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 12 Feb 2018 09:31:38 +0000 Source: librsvg Binary: librsvg2-dev librsvg2-2 librsvg2-common librsvg2-doc librsvg2-dbg librsvg2-bin gir1.2-rsvg-2.0 Architecture: source all amd64 Version: 2.36.1-2+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Josselin Mouette <joss@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: gir1.2-rsvg-2.0 - gir files for renderer library for SVG files librsvg2-2 - SAX-based renderer library for SVG files (runtime) librsvg2-bin - command-line and graphical viewers for SVG files librsvg2-common - SAX-based renderer library for SVG files (extra runtime) librsvg2-dbg - SAX-based renderer library for SVG files (debug) librsvg2-dev - SAX-based renderer library for SVG files (development) librsvg2-doc - SAX-based renderer library for SVG files (documentation) Changes: librsvg (2.36.1-2+deb7u3) wheezy-security; urgency=high . * CVE-2018-1000041: Fix an improper input validation vulnerability that can result in the user's data being leaked to remote attackers via a specially-crafted file. Checksums-Sha1: 55da17eaec792da95227deaf156e483f2047e220 2782 librsvg_2.36.1-2+deb7u3.dsc 1084015373e90ff8fccbae4b27ee778bbdf14d40 506184 librsvg_2.36.1.orig.tar.xz 6db7d734b78630f992651430e4ace1a33400f317 22546 librsvg_2.36.1-2+deb7u3.debian.tar.gz fd21e57345ca85a3d005bf8e9c1f46560ebb35be 177980 librsvg2-doc_2.36.1-2+deb7u3_all.deb 1c62be039ea7c52aef79b5fe7e26ec96e32fadd3 254174 librsvg2-dev_2.36.1-2+deb7u3_amd64.deb af0c0e4d63cdf86c30c77ef5c1e4e4c8f3960b27 239096 librsvg2-2_2.36.1-2+deb7u3_amd64.deb 983ed020a2c4f1f4efb08671fc8ddbe227f0f5f7 162246 librsvg2-common_2.36.1-2+deb7u3_amd64.deb 381a81256778ea01209854f88c0abeb7badbdea3 453924 librsvg2-dbg_2.36.1-2+deb7u3_amd64.deb c93f5cdd8de7059184615e95e91d823f9e52ab0d 172978 librsvg2-bin_2.36.1-2+deb7u3_amd64.deb 578514e660ad5b8225642020171680c7ce03c634 160630 gir1.2-rsvg-2.0_2.36.1-2+deb7u3_amd64.deb Checksums-Sha256: 4275bd222d21a2a4ed3bf1404ae0f30374cc72b969823bcfc5959c6968747860 2782 librsvg_2.36.1-2+deb7u3.dsc 786b95e1a091375c5ef2997a21c69ff24d7077afeff18197355f54d9dcbcd8c5 506184 librsvg_2.36.1.orig.tar.xz 4d5e9cd56b46328807a27003bbab4722025b997e7220cfae572bd91e34e5f87d 22546 librsvg_2.36.1-2+deb7u3.debian.tar.gz 124b225d0fe244bb08625f01dde17a3861389bf6c32cb8c2365b618c7186cbfa 177980 librsvg2-doc_2.36.1-2+deb7u3_all.deb dfd5deab35f51a06eb292314890afd6095415ce4018e083fa7ba4ae5772f7c83 254174 librsvg2-dev_2.36.1-2+deb7u3_amd64.deb ef910f49c8d8556eec078e158b7d47b69526303d809674dafb24527c686d2836 239096 librsvg2-2_2.36.1-2+deb7u3_amd64.deb cd4a506d30a78963e6a34f01eaed3d99dd917ee5e336753e456b57d14fbb9358 162246 librsvg2-common_2.36.1-2+deb7u3_amd64.deb e06f37b717c0fc83edbdd7e3d6092638a4cdd2f6c94e86a32715b414663e1047 453924 librsvg2-dbg_2.36.1-2+deb7u3_amd64.deb 9f59c60842f80e0c8552268821d0329ec29dce0dfd18b098a1b009f6cbf82bcc 172978 librsvg2-bin_2.36.1-2+deb7u3_amd64.deb 37b9bcc923f9dd9ee17340854f001c32d1f1b177befecc1eed2f28475ffd8cc7 160630 gir1.2-rsvg-2.0_2.36.1-2+deb7u3_amd64.deb Files: 3f843f4a87602901515934587e1e1854 2782 libdevel optional librsvg_2.36.1-2+deb7u3.dsc 89d483f30a7c77245b7ee02faaea5a5a 506184 libdevel optional librsvg_2.36.1.orig.tar.xz 7f7b6639bface93a2cb3c48e35bb46fc 22546 libdevel optional librsvg_2.36.1-2+deb7u3.debian.tar.gz 5d530b79cc467b0994767c021d463a05 177980 doc optional librsvg2-doc_2.36.1-2+deb7u3_all.deb 9c44d13f3b7725db023464df4da0c010 254174 libdevel optional librsvg2-dev_2.36.1-2+deb7u3_amd64.deb 6ba0e25528b82b3e482bd4ff59056aa6 239096 libs optional librsvg2-2_2.36.1-2+deb7u3_amd64.deb 3893ab8c7e78784766800d90bb17b19e 162246 libs optional librsvg2-common_2.36.1-2+deb7u3_amd64.deb 8b38fd69046a7f2c94ae026b06683099 453924 debug extra librsvg2-dbg_2.36.1-2+deb7u3_amd64.deb 7870033ff43f1eedabddbceb0ea553fa 172978 graphics optional librsvg2-bin_2.36.1-2+deb7u3_amd64.deb 4f16a1958391548f02352aeabc648c4f 160630 introspection optional gir1.2-rsvg-2.0_2.36.1-2+deb7u3_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqBYqcACgkQHpU+J9Qx HljJnQ/+OVTeMzKmi2DRgfBNglwoVtj5PFj63lbygSPLpc3AhY0Bzg1S499p+DhN fKUO8iI/+kug9aE8ZM88ojJim11pKIzuBf1tJl3VkGbvTD/aG8DkcVyulGh6JjO+ e51wGOWdr1jxE3TKENoU0EI0dAaksU9004+oHBCMW5ahba/DiXtFpFRbkmV9dtjW 59UwXg9JzPU5LZyNYtod0qMwdZ+kKIYIupQZBlEPGcaASYj2dPYC2e04YdBwlXj4 GM/X6RcOkpVtXzPdfsOGwf2TfZsCvQNiZRP+cMJdj3GKv4inP/dhpyR/mzkwhiPt 0B7NL6Bx+Uhbzl8fkU5uysvUl1bfIPkJt/TQWA7jZKkrW7lhNDulPtKHQ/okoxHk 71J2BY7gE2Xb4M64o5xrnifIZSVgGpaUKEo6dk6sW8u53iRHQDVZ6U3NaP9R9vJH oaQ0KWksYlmDWrcuNz0UucJe5ZUzQuu/V+8sU/r1wmxnnptJdS2Rtr+Yq13CRELA TVmgCW5Vs2kTf6QkkSmQPFkjcmdMTCZufrQCoS3YpCSjI0msazH8Iw3EzxMaOqVa bSIY1MTxA78sgX1QbjCx1h2X4Pz57sHKCGbZO9wPt5VpgYsLBcuIuNgPaC66b6Fk euNiRbSszwyl9xas4VjPRsIdraYtjbPlTTDa7igSXDDV488/dyU= =gYrv -----END PGP SIGNATURE-----