[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 4337-1] svgpp security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4337-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
October 17, 2025                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : svgpp
Version        : 1.3.0+dfsg1-4+deb11u1
CVE ID         : CVE-2021-44960
An issues has been found in svgpp: a C++ library for parsing and rendering Scalable Vector Graphics (SVG) files.
The XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly. Specifically, it returned a null pointer prematurely at the second if statement, resulting in a null pointer reference behind the renderDocument function. 


For Debian 11 bullseye, this problem has been fixed in version
1.3.0+dfsg1-4+deb11u1.

We recommend that you upgrade your svgpp packages.

For the detailed security status of svgpp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/svgpp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmjyeM9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEdmLA/+Kw3asBGvWSkp9hd2WqXzCkDN1Y0ourTiVdsBp95QUTnPURkhLaH7Go5I
9PP/G3+8gOfvCIGcl5kw3Jm4i37+8qCKM9aUpOX6K+EoVlg9pNUCgVlc0iuDTdfG
rrk193HOdUSDsRQHrsYZsFKQNPDzWGeXWCnL+ZYOMoqg7fayfcCpifU4JeBofOGe
S9igGpzeEleX7ffkFTbw8Lmp8LftrIvho1dtm7pIwlabcXGf+ERmY+kJh67yvBjp
pOu3Q2ootxXb12f1C12AFsDGQDSXWhgybKinrKzNV0L/0bJJM8DZvWoSxZgiHfXF
+eCBRiFXXiK/n7bynqaIchJ3Yy0chpVHNBq888zT17tyd/OTw1LEXFV1DfyHdTdD
f7pGFSXZT1xr9koeoEGoOuSEIDp16ABlPLAmagRVBKYwPSBRQWfzJTNmMz2YdoI2
IGxGxydG7KMzs+el/gmEvzADAlXwtEqFyugDxSVOOgukQXcV43gZzOuipk+Ee/OV
jPkgRX/e0h/QbbKMPVueq2N9mNgYlb47sJ9o5MSI4EVG8C8CHqHIXmqE7umf8IAR
D+eHoQoBwyUGTG7YbiH15IDsob1TzNkEXCnAFeeSyr8AeS3mQx+YiNx2SS0scK50
d9ltbr9fxdufukw2RI0BS4AYouS7iiQhTzzsSlayHHU5Y1RN5yk=
=1pow
-----END PGP SIGNATURE-----
Reply to: