kumquat-buildroot/package/librsvg
Fabrice Fontaine e7988c7060 package/librsvg: security bump to version 2.50.9
Fix CVE-2023-38633: A directory traversal problem in the URL decoder of
librsvg before 2.56.3 could be used by local or remote attackers to
disclose files (on the local filesystem outside of the expected area),
as demonstrated by href=".?../../../../../../../../../../etc/passwd" in
an xi:include element.

https://gitlab.gnome.org/GNOME/librsvg/-/blob/2.50.9/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-28 22:59:34 +02:00
..
0001-gdk-pixbuf-loader-Makefile.am-set-GDK_PIXBUF_MODULED.patch
Config.in
librsvg.hash
librsvg.mk