FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

librsvg2 -- denial of service vulnerability

Affected packages
librsvg2 < 2.40.12


VuXML ID d6c51737-a84b-11e5-8f5c-002590263bf5
Discovery 2015-10-02
Entry 2015-12-22

Adam Maris, Red Hat Product Security, reports:

CVE-2015-7558: Stack exhaustion due to cyclic dependency causing to crash an application was found in librsvg2 while parsing SVG file. It has been fixed in 2.40.12 by many commits that has rewritten the checks for cyclic references.


CVE Name CVE-2015-7558
FreeBSD PR ports/205502