buildroot/package/librsvg/librsvg.hash
Fabrice Fontaine e7988c7060 package/librsvg: security bump to version 2.50.9
Fix CVE-2023-38633: A directory traversal problem in the URL decoder of
librsvg before 2.56.3 could be used by local or remote attackers to
disclose files (on the local filesystem outside of the expected area),
as demonstrated by href=".?../../../../../../../../../../etc/passwd" in
an xi:include element.

https://gitlab.gnome.org/GNOME/librsvg/-/blob/2.50.9/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-09-28 22:59:34 +02:00

6 lines
282 B
Plaintext

# From https://download.gnome.org/sources/librsvg/2.50/librsvg-2.50.9.sha256sum
sha256 518905fffa879b6c7f3db1aae961cf31333e0eadc7b4cdd4f531707868c54b53 librsvg-2.50.9.tar.xz
# Locally computed
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB