Oval Definition:
oval:org.mitre.oval:def:24099
Revision Date
:
2014-05-26
Version
:
13
Title
:
ELSA-2014:0127: librsvg2 security update (Moderate)
Description
:
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2013-1881
ELSA-2014:0127-01
Platform(s)
:
Oracle Linux 6
Product(s)
:
librsvg2
Definition Synopsis
Oracle Linux 6.x
AND
rpm test
librsvg2-devel is earlier than 0:2.26.0-6.el6_5.3
OR
librsvg2 is earlier than 0:2.26.0-6.el6_5.3
BACK