Description: |
inkscape was updated to fix a XXE (Xml eXternal Entity) attack during rasterization of SVG images (CVE-2012-5656), where the rendering of malicious SVG images could have connected from inkscape to internal hosts.
* Also inkscape would have loaded .EPS files from untrusted /tmp occasionaly instead from the current directory. (CVE-2012-6076)
Security Issue references:
* CVE-2012-6076 * CVE-2012-5656
|