Debian 10225 Published by

Updated librsvg packages has been released for Debian GNU/Linux 7 LTS



Package : librsvg
Version : 2.36.1-2+deb7u3
CVE ID : CVE-2018-1000041

It was discovered that there was an input validation vulnerability in
the librsvg renderer library that could result in data being leaked to
remote attackers via a specially-crafted file.

For Debian 7 "Wheezy", this issue has been fixed in librsvg version
2.36.1-2+deb7u3.

We recommend that you upgrade your librsvg packages.