ELA-248-1 librsvg security update
Package librsvg
ELA-248-1 librsvg security update
Version 2.40.5-1+deb8u3
Related CVE CVE-2016-6163 CVE-2019-20446
Several issues have been fixed in librsvg, a library for rendering SVG files. This update corrects some denial of service via infinite loop or exponential element processing when parsing specially crafted files, as well as some memory safety issues.
For Debian 8 jessie, these problems have been fixed in version 2.40.5-1+deb8u3.
We recommend that you upgrade your librsvg packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
A librsvg security update has been released for Debian GNU/Linux 8 Extended LTS to address several issues in librsvg, a library for rendering SVG files.