USN-6266-1: librsvg vulnerability
1 August 2023
librsvg could be made to expose sensitive information.
- librsvg - renderer library for SVG files
Zac Sims discovered that librsvg incorrectly handled decoding URLs. A
remote attacker could possibly use this issue to read arbitrary files by
using an include element.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart your session to make all
the necessary changes.