Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:5081: Red Hat Security Advisory: librsvg2 security update

An update for librsvg2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-38633: A directory traversal vulnerability was discovered in the URL decoder of Librsvg. This issue occurs when xinclude href has special characters; demonstrated by href=".?../…/…/…/…/…/…/…/…/…/etc/passwd" in an xi:include element, which can allow an attacker to send a specially crafted URL request containing “dot dot” sequences (/…/) to view arbitrary files on the system, affecting the data confidentiality.
Red Hat Security Data
Open in Source
#vulnerability#linux#red_hat#ibm#sap

Synopsis

Moderate: librsvg2 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for librsvg2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The librsvg2 packages provide a Scalable Vector Graphics (SVG) library based on the libart library.

Security Fix(es):

  • librsvg: Arbitrary file read when xinclude href has special characters (CVE-2023-38633)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2224945 - CVE-2023-38633 librsvg: Arbitrary file read when xinclude href has special characters

Red Hat Enterprise Linux for x86_64 9

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

x86_64

librsvg2-2.50.7-1.el9_2.1.i686.rpm

SHA-256: da9680cd62614a7075cdd2bc9ce79b9b4a3eabdaeed94fd5c58922a574aa2bde

librsvg2-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: dd110305ed74a1e4a908e3f013911ef1bfa15231d23c565ab70f76b4f83414ff

librsvg2-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: 78c2725de9dcf5f325a861d76f70a7d49b4639614ca8b7cbf1eec5d7fc5b4a82

librsvg2-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: a0fea658d353d6a68ae8bc4df2a6ca27dc3a61b3f6f72df4e8906ed8d1606180

librsvg2-debugsource-2.50.7-1.el9_2.1.i686.rpm

SHA-256: af512b81b22fe32305b4b23bbd44a6eeb11e4af2a6f04c97233eada2dabcf0ab

librsvg2-debugsource-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 69b5a58e046d1a91ec831c997f25a05107e25400c64b54c05bb1cc98208710c7

librsvg2-devel-2.50.7-1.el9_2.1.i686.rpm

SHA-256: e5a81e8a7e586ed229a388d923dca9f9ea3253eb8196a9a49a71366e418d2b13

librsvg2-devel-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: df0a00c0c97a685e8b2482f4b888bff3406f72dbca7e133e6984053cae03ef96

librsvg2-tools-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 0451d597c94b2268bca0b85033b0046b29fe113c09b28c5efe1b5294c14034b4

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: d7c72f5afdcf3e591b06f17c7fde3df3653ff0df356f1c0278a8d104b9a1c488

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 40794afa3321f7de807d44b1fbc1ff4ec5a5ef26a0af0172a8b39d21a23199d4

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

x86_64

librsvg2-2.50.7-1.el9_2.1.i686.rpm

SHA-256: da9680cd62614a7075cdd2bc9ce79b9b4a3eabdaeed94fd5c58922a574aa2bde

librsvg2-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: dd110305ed74a1e4a908e3f013911ef1bfa15231d23c565ab70f76b4f83414ff

librsvg2-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: 78c2725de9dcf5f325a861d76f70a7d49b4639614ca8b7cbf1eec5d7fc5b4a82

librsvg2-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: a0fea658d353d6a68ae8bc4df2a6ca27dc3a61b3f6f72df4e8906ed8d1606180

librsvg2-debugsource-2.50.7-1.el9_2.1.i686.rpm

SHA-256: af512b81b22fe32305b4b23bbd44a6eeb11e4af2a6f04c97233eada2dabcf0ab

librsvg2-debugsource-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 69b5a58e046d1a91ec831c997f25a05107e25400c64b54c05bb1cc98208710c7

librsvg2-devel-2.50.7-1.el9_2.1.i686.rpm

SHA-256: e5a81e8a7e586ed229a388d923dca9f9ea3253eb8196a9a49a71366e418d2b13

librsvg2-devel-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: df0a00c0c97a685e8b2482f4b888bff3406f72dbca7e133e6984053cae03ef96

librsvg2-tools-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 0451d597c94b2268bca0b85033b0046b29fe113c09b28c5efe1b5294c14034b4

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: d7c72f5afdcf3e591b06f17c7fde3df3653ff0df356f1c0278a8d104b9a1c488

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 40794afa3321f7de807d44b1fbc1ff4ec5a5ef26a0af0172a8b39d21a23199d4

Red Hat Enterprise Linux Server - AUS 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

x86_64

librsvg2-2.50.7-1.el9_2.1.i686.rpm

SHA-256: da9680cd62614a7075cdd2bc9ce79b9b4a3eabdaeed94fd5c58922a574aa2bde

librsvg2-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: dd110305ed74a1e4a908e3f013911ef1bfa15231d23c565ab70f76b4f83414ff

librsvg2-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: 78c2725de9dcf5f325a861d76f70a7d49b4639614ca8b7cbf1eec5d7fc5b4a82

librsvg2-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: a0fea658d353d6a68ae8bc4df2a6ca27dc3a61b3f6f72df4e8906ed8d1606180

librsvg2-debugsource-2.50.7-1.el9_2.1.i686.rpm

SHA-256: af512b81b22fe32305b4b23bbd44a6eeb11e4af2a6f04c97233eada2dabcf0ab

librsvg2-debugsource-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 69b5a58e046d1a91ec831c997f25a05107e25400c64b54c05bb1cc98208710c7

librsvg2-devel-2.50.7-1.el9_2.1.i686.rpm

SHA-256: e5a81e8a7e586ed229a388d923dca9f9ea3253eb8196a9a49a71366e418d2b13

librsvg2-devel-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: df0a00c0c97a685e8b2482f4b888bff3406f72dbca7e133e6984053cae03ef96

librsvg2-tools-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 0451d597c94b2268bca0b85033b0046b29fe113c09b28c5efe1b5294c14034b4

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: d7c72f5afdcf3e591b06f17c7fde3df3653ff0df356f1c0278a8d104b9a1c488

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 40794afa3321f7de807d44b1fbc1ff4ec5a5ef26a0af0172a8b39d21a23199d4

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

s390x

librsvg2-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: a0ae7ee42169d2aed33f28bf43fe3cd2fbc143d39e561ad03d0fdd9a60c27f3b

librsvg2-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 10dac9dcdf7160241033743032872782aaa7f93bc38550eaed9698e1a8fe2482

librsvg2-debugsource-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: e47d8562228e4a62599efe3584a57371da598e03212bfa8ebb3f67f16aad4926

librsvg2-devel-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: d75fed4bd2a8ebaf64d9430440c38b645f08dd57a2636540c6839f007d4e4863

librsvg2-tools-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 13e0dc6b2c0be7a22fad59f47748ec805b6990c27268818daabc83a330e5e330

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: c897cedeabf73c3c410431fe58b6b57172259bf355e738aa49f03c37bd52234f

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

s390x

librsvg2-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: a0ae7ee42169d2aed33f28bf43fe3cd2fbc143d39e561ad03d0fdd9a60c27f3b

librsvg2-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 10dac9dcdf7160241033743032872782aaa7f93bc38550eaed9698e1a8fe2482

librsvg2-debugsource-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: e47d8562228e4a62599efe3584a57371da598e03212bfa8ebb3f67f16aad4926

librsvg2-devel-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: d75fed4bd2a8ebaf64d9430440c38b645f08dd57a2636540c6839f007d4e4863

librsvg2-tools-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 13e0dc6b2c0be7a22fad59f47748ec805b6990c27268818daabc83a330e5e330

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: c897cedeabf73c3c410431fe58b6b57172259bf355e738aa49f03c37bd52234f

Red Hat Enterprise Linux for Power, little endian 9

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

ppc64le

librsvg2-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: ddce65f9c76738b215375707894358feb228afff4bd8ffc8ce5818c92d8cb930

librsvg2-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 69d30eb8325935a82ce3654d4117104d0c5fcac6d4fa8cfe2156db97d9a850a7

librsvg2-debugsource-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: b266eb358f9763a671f653654d05b19d112adec78c2ffa2c78eef18c53c4da84

librsvg2-devel-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: c7afe16e91e59299c639c7b9a2ec4449f56bf8a1b726124fa640738aeda09f8e

librsvg2-tools-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: d168eae81ae8f0886fd9aa34debc6ee98064f776ce0705a6620167e5e3dad007

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 4228aed84649880e473ab82efd9d00de9c08a1d47f6855b327263f052c30578e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

ppc64le

librsvg2-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: ddce65f9c76738b215375707894358feb228afff4bd8ffc8ce5818c92d8cb930

librsvg2-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 69d30eb8325935a82ce3654d4117104d0c5fcac6d4fa8cfe2156db97d9a850a7

librsvg2-debugsource-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: b266eb358f9763a671f653654d05b19d112adec78c2ffa2c78eef18c53c4da84

librsvg2-devel-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: c7afe16e91e59299c639c7b9a2ec4449f56bf8a1b726124fa640738aeda09f8e

librsvg2-tools-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: d168eae81ae8f0886fd9aa34debc6ee98064f776ce0705a6620167e5e3dad007

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 4228aed84649880e473ab82efd9d00de9c08a1d47f6855b327263f052c30578e

Red Hat Enterprise Linux for ARM 64 9

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

aarch64

librsvg2-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 6bca9790b13c5c5cdb4bd7dba803c57b50b1722f0f1a26fb1e14f75f5b1d8aca

librsvg2-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f0dc0d0d6a9338d29509761edaa746a9897c5d4b8334cf8b6c84885a063faf7b

librsvg2-debugsource-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f7686fbd62c9c8136804d15a8f3b75610d011cd59e19af2dded47f2f5cc27a3f

librsvg2-devel-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 811d3a22884dc865196f79141a2ca8c4f7a3aace55c48b5f0697b4f5de98ef75

librsvg2-tools-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 5e73b0f3bfaec691da6c27bbc245981d14630b44f6e7343ddc8f01b2ad2eab12

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 8fa630b612a5fd22139f8b11f9b4bec6d754da4749704cc13ab00bb55f056b8e

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

aarch64

librsvg2-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 6bca9790b13c5c5cdb4bd7dba803c57b50b1722f0f1a26fb1e14f75f5b1d8aca

librsvg2-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f0dc0d0d6a9338d29509761edaa746a9897c5d4b8334cf8b6c84885a063faf7b

librsvg2-debugsource-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f7686fbd62c9c8136804d15a8f3b75610d011cd59e19af2dded47f2f5cc27a3f

librsvg2-devel-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 811d3a22884dc865196f79141a2ca8c4f7a3aace55c48b5f0697b4f5de98ef75

librsvg2-tools-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 5e73b0f3bfaec691da6c27bbc245981d14630b44f6e7343ddc8f01b2ad2eab12

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 8fa630b612a5fd22139f8b11f9b4bec6d754da4749704cc13ab00bb55f056b8e

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

ppc64le

librsvg2-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: ddce65f9c76738b215375707894358feb228afff4bd8ffc8ce5818c92d8cb930

librsvg2-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 69d30eb8325935a82ce3654d4117104d0c5fcac6d4fa8cfe2156db97d9a850a7

librsvg2-debugsource-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: b266eb358f9763a671f653654d05b19d112adec78c2ffa2c78eef18c53c4da84

librsvg2-devel-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: c7afe16e91e59299c639c7b9a2ec4449f56bf8a1b726124fa640738aeda09f8e

librsvg2-tools-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: d168eae81ae8f0886fd9aa34debc6ee98064f776ce0705a6620167e5e3dad007

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.ppc64le.rpm

SHA-256: 4228aed84649880e473ab82efd9d00de9c08a1d47f6855b327263f052c30578e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

x86_64

librsvg2-2.50.7-1.el9_2.1.i686.rpm

SHA-256: da9680cd62614a7075cdd2bc9ce79b9b4a3eabdaeed94fd5c58922a574aa2bde

librsvg2-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: dd110305ed74a1e4a908e3f013911ef1bfa15231d23c565ab70f76b4f83414ff

librsvg2-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: 78c2725de9dcf5f325a861d76f70a7d49b4639614ca8b7cbf1eec5d7fc5b4a82

librsvg2-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: a0fea658d353d6a68ae8bc4df2a6ca27dc3a61b3f6f72df4e8906ed8d1606180

librsvg2-debugsource-2.50.7-1.el9_2.1.i686.rpm

SHA-256: af512b81b22fe32305b4b23bbd44a6eeb11e4af2a6f04c97233eada2dabcf0ab

librsvg2-debugsource-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 69b5a58e046d1a91ec831c997f25a05107e25400c64b54c05bb1cc98208710c7

librsvg2-devel-2.50.7-1.el9_2.1.i686.rpm

SHA-256: e5a81e8a7e586ed229a388d923dca9f9ea3253eb8196a9a49a71366e418d2b13

librsvg2-devel-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: df0a00c0c97a685e8b2482f4b888bff3406f72dbca7e133e6984053cae03ef96

librsvg2-tools-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 0451d597c94b2268bca0b85033b0046b29fe113c09b28c5efe1b5294c14034b4

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.i686.rpm

SHA-256: d7c72f5afdcf3e591b06f17c7fde3df3653ff0df356f1c0278a8d104b9a1c488

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.x86_64.rpm

SHA-256: 40794afa3321f7de807d44b1fbc1ff4ec5a5ef26a0af0172a8b39d21a23199d4

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

aarch64

librsvg2-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 6bca9790b13c5c5cdb4bd7dba803c57b50b1722f0f1a26fb1e14f75f5b1d8aca

librsvg2-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f0dc0d0d6a9338d29509761edaa746a9897c5d4b8334cf8b6c84885a063faf7b

librsvg2-debugsource-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: f7686fbd62c9c8136804d15a8f3b75610d011cd59e19af2dded47f2f5cc27a3f

librsvg2-devel-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 811d3a22884dc865196f79141a2ca8c4f7a3aace55c48b5f0697b4f5de98ef75

librsvg2-tools-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 5e73b0f3bfaec691da6c27bbc245981d14630b44f6e7343ddc8f01b2ad2eab12

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.aarch64.rpm

SHA-256: 8fa630b612a5fd22139f8b11f9b4bec6d754da4749704cc13ab00bb55f056b8e

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2

SRPM

librsvg2-2.50.7-1.el9_2.1.src.rpm

SHA-256: 27a30010e56f83cb32579be111a97a929090ab16ccfabf2ea21a2d51e8bea0ab

s390x

librsvg2-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: a0ae7ee42169d2aed33f28bf43fe3cd2fbc143d39e561ad03d0fdd9a60c27f3b

librsvg2-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 10dac9dcdf7160241033743032872782aaa7f93bc38550eaed9698e1a8fe2482

librsvg2-debugsource-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: e47d8562228e4a62599efe3584a57371da598e03212bfa8ebb3f67f16aad4926

librsvg2-devel-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: d75fed4bd2a8ebaf64d9430440c38b645f08dd57a2636540c6839f007d4e4863

librsvg2-tools-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: 13e0dc6b2c0be7a22fad59f47748ec805b6990c27268818daabc83a330e5e330

librsvg2-tools-debuginfo-2.50.7-1.el9_2.1.s390x.rpm

SHA-256: c897cedeabf73c3c410431fe58b6b57172259bf355e738aa49f03c37bd52234f

Related news

Gentoo Linux Security Advisory 202408-14

Gentoo Linux Security Advisory 202408-14 - A vulnerability has been discovered in Librsvg, which can lead to arbitrary file reads. Versions greater than or equal to 2.56.3 are affected.

Red Hat Security Advisory 2023-5081-01

Red Hat Security Advisory 2023-5081-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.

Red Hat Security Advisory 2023-4809-01

Red Hat Security Advisory 2023-4809-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.

RHSA-2023:4809: Red Hat Security Advisory: librsvg2 security update

An update for librsvg2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-38633: A directory traversal vulnerability was discovered in the URL decoder of Librsvg. This issue occurs when xinclude href has special characters; demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element, which can allow an attacker to send a specially crafted URL request containing "dot do...

Debian Security Advisory 5484-1

Debian Linux Security Advisory 5484-1 - Zac Sims discovered a directory traversal in the URL decoder of librsvg, a SAX-based renderer library for SVG files, which could result in read of arbitrary files when processing a specially crafted SVG file with an include element.

Ubuntu Security Notice USN-6266-1

Ubuntu Security Notice 6266-1 - Zac Sims discovered that librsvg incorrectly handled decoding URLs. A remote attacker could possibly use this issue to read arbitrary files by using an include element.

CVE-2023-38633: 2.56.3 - stable · GNOME / librsvg · GitLab

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

Red Hat Security Data: Latest News

RHSA-2023:5627: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat Security Data