Security update for librsvg SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:1288-1 Final 1 1 2018-05-15T13:04:44Z current 2018-05-15T13:04:44Z 2018-05-15T13:04:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for librsvg This update for librsvg fixes the following issues: - CVE-2018-1000041: Input validation issue could lead to credentials leak. (bsc#1083232) Update to version 2.40.20: + Except for emergencies, this will be the LAST RELEASE of the librsvg-2.40.x series. We are moving to 2.41, which is vastly improved over the 2.40 series. The API/ABI there remain unchaged, so we strongly encourage you to upgrade your sources and binaries to librsvg-2.41.x. + bgo#761175 - Allow masks and clips to reuse a node being drawn. + Don't access the file system when deciding whether to load a remote file with a UNC path for a paint server (i.e. don't try to load it at all). + Vistual Studio: fixed and integrated introspection builds, so introspection data is built directly from the Visual Studio project (Chun-wei Fan). + Visual Studio: We now use HIGHENTROPYVA linker option on x64 builds, to enhance the security of built binaries (Chun-wei Fan). + Fix generation of Vala bindings when compiling in read-only source directories (Emmanuele Bassi). Update to version 2.40.19: + bgo#621088: Using text objects as clipping paths is now supported. + bgo#587721: Fix rendering of text elements with transformations (Massimo). + bgo#777833 - Fix memory leaks when an RsvgHandle is disposed before being closed (Philip Withnall). + bgo#782098 - Don't pass deprecated options to gtk-doc (Ting-Wei Lan). + bgo#786372 - Fix the default for the 'type' attribute of the <style> element. + bgo#785276 - Don't crash on single-byte files. + bgo#634514: Don't render unknown elements and their sub-elements. + bgo#777155 - Ignore patterns that have close-to-zero dimensions. + bgo#634324 - Fix Gaussian blurs with negative scaling. + Fix the <switch> element; it wasn't working at all. + Fix loading when rsvg_handle_write() is called one byte at a time. + bgo#787895 - Fix incorrect usage of libxml2. Thanks to Nick Wellnhofer for advice on this. + Backported the test suite machinery from the master branch (Chun-wei Fan, Federico Mena). + We now require Pango 1.38.0 or later (released in 2015). + We now require libxml2 2.9.0 or later (released in 2012). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP3-2018-912,SUSE-SLE-SDK-12-SP3-2018-912,SUSE-SLE-SERVER-12-SP3-2018-912 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20181288-1/ Link for SUSE-SU-2018:1288-1 https://lists.suse.com/pipermail/sle-security-updates/2018-May/004049.html E-Mail link for SUSE-SU-2018:1288-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1083232 SUSE Bug 1083232 https://www.suse.com/security/cve/CVE-2018-1000041/ SUSE CVE CVE-2018-1000041 page SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP3 gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 librsvg-2-2-2.40.20-5.6.1 librsvg-2-2-32bit-2.40.20-5.6.1 rsvg-view-2.40.20-5.6.1 librsvg-devel-2.40.20-5.6.1 typelib-1_0-Rsvg-2_0-2.40.20-5.6.1 gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 librsvg-2-2-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 librsvg-2-2-32bit-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 rsvg-view-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server 12 SP3 librsvg-2-2-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server 12 SP3 librsvg-2-2-32bit-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server 12 SP3 rsvg-view-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server 12 SP3 gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librsvg-2-2-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librsvg-2-2-32bit-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 rsvg-view-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librsvg-devel-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 typelib-1_0-Rsvg-2_0-2.40.20-5.6.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows. CVE-2018-1000041 SUSE Linux Enterprise Desktop 12 SP3:gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 SUSE Linux Enterprise Desktop 12 SP3:librsvg-2-2-2.40.20-5.6.1 SUSE Linux Enterprise Desktop 12 SP3:librsvg-2-2-32bit-2.40.20-5.6.1 SUSE Linux Enterprise Desktop 12 SP3:rsvg-view-2.40.20-5.6.1 SUSE Linux Enterprise Server 12 SP3:gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 SUSE Linux Enterprise Server 12 SP3:librsvg-2-2-2.40.20-5.6.1 SUSE Linux Enterprise Server 12 SP3:librsvg-2-2-32bit-2.40.20-5.6.1 SUSE Linux Enterprise Server 12 SP3:rsvg-view-2.40.20-5.6.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:librsvg-2-2-2.40.20-5.6.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:librsvg-2-2-32bit-2.40.20-5.6.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:rsvg-view-2.40.20-5.6.1 SUSE Linux Enterprise Software Development Kit 12 SP3:librsvg-devel-2.40.20-5.6.1 SUSE Linux Enterprise Software Development Kit 12 SP3:typelib-1_0-Rsvg-2_0-2.40.20-5.6.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20181288-1/ https://www.suse.com/security/cve/CVE-2018-1000041.html CVE-2018-1000041 https://bugzilla.suse.com/1083232 SUSE Bug 1083232