OVAL Reference oval:org.opensuse.security:def:104817

Oval Definition:

oval:org.opensuse.security:def:104817

Revision Date:	2020-07-07	Version:	1
Title:	Security update for librsvg (Moderate)
Description:	This update for librsvg to version 2.42.8 fixes the following issues: librsvg was updated to version 2.42.8 fixing the following issues: - CVE-2019-20446: Fixed an issue where a crafted SVG file with nested patterns can cause denial of service (bsc#1162501). NOTE: Librsvg now has limits on the number of loaded XML elements, and the number of referenced elements within an SVG document. - Fixed a stack exhaustion with circular references in elements. - Fixed a denial-of-service condition from exponential explosion of rendered elements, through nested use of SVG 'use' elements in malicious SVGs.
Family:	unix	Class:	patch
Status:		Reference(s):	1162501 CVE-2019-20446 SUSE-SU-2020:0629-1
Platform(s):	SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1	Product(s):