Updated librsvg packages has been released for Debian GNU/Linux 7 LTS
Package : librsvg
Version : 2.36.1-2+deb7u3
CVE ID : CVE-2018-1000041
It was discovered that there was an input validation vulnerability in
the librsvg renderer library that could result in data being leaked to
remote attackers via a specially-crafted file.
For Debian 7 "Wheezy", this issue has been fixed in librsvg version
2.36.1-2+deb7u3.
We recommend that you upgrade your librsvg packages.