FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

librsvg2 -- denial of service vulnerability

Affected packages
librsvg2 < 2.40.7

Details

VuXML ID da634091-a84a-11e5-8f5c-002590263bf5
Discovery 2015-02-06
Entry 2015-12-22

Adam Maris, Red Hat Product Security, reports:

CVE-2015-7557: Out-of-bounds heap read in librsvg2 was found when parsing SVG file.

References

CVE Name CVE-2015-7557
URL http://www.openwall.com/lists/oss-security/2015/12/21/5
URL https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df