Accepting request 927579 from GNOME:Factory

OBS-URL: https://build.opensuse.org/request/show/927579 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/librsvg?expand=0&rev=113
2021-10-26 19:03:11 +00:00 · 2021-10-26 19:03:11 +00:00 · 6dcdf9ee52
commit 6dcdf9ee52
parent 3b73130b64 539d23a033
1 changed files with 18 additions and 0 deletions
--- a/librsvg.changes
+++ b/librsvg.changes
@ -116,6 +116,24 @@ Fri Apr 30 19:11:33 UTC 2021 - Dominique Leuenberger <dimstar@opensuse.org>
    attributes, for feComponentTransfer and feConvolveMatrix.
  + Negative rx/ry in rect element should be ignored.

+-------------------------------------------------------------------
+Fri Apr 23 16:05:19 UTC 2021 - Federico Mena Quintero <federico@suse.com>
+
+- Update to version 2.46.5 on SLE and Leap:
+
+  + Update dependent crates that had security vulnerabilities:
+
+    generic-array to 0.12.4 - RUSTSEC-2020-0146
+    smallvec to 0.6.14      - RUSTSEC-2021-0003 - CVE-2021-25900
+
+  + There are no changes to the library code.
+
+  + Fix bash-isms in Makefile.am (Tin-Wei Lan).
+
+  + Fix Visual Studio build (Chun-wei Fan).
+
+- bsc#1183403 - CVE-2021-25900 - buffer overflow in the smallvec crate.
+
 -------------------------------------------------------------------
 Tue Apr 13 14:32:46 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>