openSUSE has issued an advisory on May 17: https://lists.opensuse.org/opensuse-updates/2018-05/msg00045.html Mageia 5 is also affected.
Assigning to all packagers collectively, since there is no registered maintainer for this package.
Assignee: bugsquad => pkg-bugsCC: (none) => marja11
Patched package uploaded for Mageia 6. Advisory: ======================== Updated librsvg package fixes security vulnerability: It was discovered that there was an input validation vulnerability in the librsvg renderer library that could result in data being leaked to remote attackers via a specially-crafted file (CVE-2018-1000041). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000041 https://lists.opensuse.org/opensuse-updates/2018-05/msg00045.html ======================== Updated packages in core/updates_testing: ======================== lib64rsvg2_2-2.40.18-1.1.mga6 lib64rsvg2-devel-2.40.18-1.1.mga6 lib64rsvg-gir2.0-2.40.18-1.1.mga6 librsvg-2.40.18-1.1.mga6 from librsvg-2.40.18-1.1.mga6.src.rpm Testing procedure https://bugs.mageia.org/show_bug.cgi?id=21368#c4
Keywords: (none) => has_procedureAssignee: pkg-bugs => qa-bugsCC: (none) => mrambo
Mageia 6, x86_64 Updated the packages and ran tests based on the link to bug 21368. $ rsvg-convert -v rsvg-convert version 2.40.18 $ rsvg-convert -f pdf -w 607 -h 512 -b '#ebafdc' sample2.svg -o sample2.pdf $ xpdf sample2.pdf One page PDF with an image of a crown on a pink background. $ rsvg-convert -f pdf -w 607 -h 512 -b 'OliveDrab' sample2.svg -o sample3.pdf $ xpdf sample3.pdf Crown on a greenish background. $ rsvg-view-3 -b "#abcdef" mageia-2013.svg Displayed Mageia logo on pale blue background - and as said the window needs to be stretched. $ rsvg-view-3 -w 800 -h 600 -b "MistyRose" mageia-2013.svg This displays as a distorted image (squashed horizontally) on a rose background after stretching the window. The image responds to resizing with the + and - buttons. Good for 64-bits.
Whiteboard: (none) => MGA6-64-OKCC: (none) => tarazed25
Advisoried. Validating.
Keywords: (none) => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0291.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
Blocks: (none) => 23206