[SECURITY] Fedora 17 Update: inkscape-0.48.4-1.fc17

updates at fedoraproject.org updates at fedoraproject.org
Sat Jan 5 06:48:42 UTC 2013


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-20620
2012-12-19 07:54:24
--------------------------------------------------------------------------------

Name        : inkscape
Product     : Fedora 17
Version     : 0.48.4
Release     : 1.fc17
URL         : http://inkscape.sourceforge.net/
Summary     : Vector-based drawing program using SVG
Description :
Inkscape is a vector graphics editor, with capabilities similar to
Illustrator, CorelDraw, or Xara X, using the W3C standard Scalable Vector
Graphics (SVG) file format.  It is therefore a very useful tool for web
designers and as an interchange format for desktop publishing.

Inkscape supports many advanced SVG features (markers, clones, alpha
blending, etc.) and great care is taken in designing a streamlined
interface. It is very easy to edit nodes, perform complex path operations,
trace bitmaps and much more.

--------------------------------------------------------------------------------
Update Information:

Fix XXE flaw, man page ownership.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  6 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-4
- 0.48.4, fix XXE security flaw.
- Correct man page ownership.
* Thu Dec  6 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-4
- Fix directory ownership, BZ 873817.
- Fix previous changelog version.
* Mon Nov 19 2012 Nils Philippsen <nils at redhat.com> - 0.48.3.1-3
- update sourceforge download URL
* Thu Nov  1 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-2
- Allow loading large XML, BZ 871012.
* Fri Oct  5 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-1
- Lastest upstream.
* Thu Oct  4 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.2-13
- Added dep on uniconvertor, BZ 796424.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.48.2-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jul  9 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-11
- Perl 5.16 rebuild
* Mon Jul  2 2012 Marek Kasik <mkasik at redhat.com> - 0.48.2-10
- Rebuild (poppler-0.20.1)
* Wed Jun 27 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-9
- Perl 5.16 rebuild
* Sat Jun 23 2012 Rex Dieter <rdieter at fedoraproject.org> 
- 0.48.2-8
- fix icon/desktop-file scriptlets (#739375)
- drop .desktop vendor (f18+)
- inkscape doesn't build with poppler-0.20.0 (#822413)
* Fri Jun 15 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-7
- Perl 5.16 rebuild
* Mon Jun 11 2012 Adel Gadllah <adel.gadllah at gmail.com> - 0.48.2-6
- Rebuild for new poppler
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #888249 - CVE-2012-5656 inkscape: XXE via SVG rasterization
        https://bugzilla.redhat.com/show_bug.cgi?id=888249
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update inkscape' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list