[SECURITY] Fedora 16 Update: inkscape-0.48.4-1.fc16

updates at fedoraproject.org updates at fedoraproject.org
Sat Jan 5 06:54:48 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-20621
2012-12-19 07:54:27
--------------------------------------------------------------------------------

Name        : inkscape
Product     : Fedora 16
Version     : 0.48.4
Release     : 1.fc16
URL         : http://inkscape.sourceforge.net/
Summary     : Vector-based drawing program using SVG
Description :
Inkscape is a vector graphics editor, with capabilities similar to
Illustrator, CorelDraw, or Xara X, using the W3C standard Scalable Vector
Graphics (SVG) file format.  It is therefore a very useful tool for web
designers and as an interchange format for desktop publishing.

Inkscape supports many advanced SVG features (markers, clones, alpha
blending, etc.) and great care is taken in designing a streamlined
interface. It is very easy to edit nodes, perform complex path operations,
trace bitmaps and much more.

--------------------------------------------------------------------------------
Update Information:

Fix XXE flaw, man page ownership.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  6 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-4
- 0.48.4, fix XXE security flaw.
- Correct man page ownership.
* Thu Dec  6 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-4
- Fix directory ownership, BZ 873817.
- Fix previous changelog version.
* Mon Nov 19 2012 Nils Philippsen <nils at redhat.com> - 0.48.3.1-3
- update sourceforge download URL
* Thu Nov  1 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-2
- Allow loading large XML, BZ 871012.
* Fri Oct  5 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.3.1-1
- Lastest upstream.
* Thu Oct  4 2012 Jon Ciesla <limburgher at gmail.com> - 0.48.2-13
- Added dep on uniconvertor, BZ 796424.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.48.2-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jul  9 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-11
- Perl 5.16 rebuild
* Mon Jul  2 2012 Marek Kasik <mkasik at redhat.com> - 0.48.2-10
- Rebuild (poppler-0.20.1)
* Wed Jun 27 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-9
- Perl 5.16 rebuild
* Sat Jun 23 2012 Rex Dieter <rdieter at fedoraproject.org> 
- 0.48.2-8
- fix icon/desktop-file scriptlets (#739375)
- drop .desktop vendor (f18+)
- inkscape doesn't build with poppler-0.20.0 (#822413)
* Fri Jun 15 2012 Petr Pisar <ppisar at redhat.com> - 0.48.2-7
- Perl 5.16 rebuild
* Mon Jun 11 2012 Adel Gadllah <adel.gadllah at gmail.com> - 0.48.2-6
- Rebuild for new poppler
* Wed Apr 11 2012 Peter Robinson <pbrobinson at fedoraproject.org> - 0.48.2-5
- Rebuild for ImageMagik
* Thu Mar  8 2012 Daniel Drake <dsd at laptop.org> - 0.48.2-4
- Fix build with GCC 4.7
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.48.2-3
- Rebuilt for c++ ABI breakage
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.48.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Nov 15 2011 German Ruiz <germanrs at fedoraproject.org> - 0.48.2-1
- New upstream version
- Fix glib include compile problem
- Fix compilation against libpng-1.5
* Fri Oct 28 2011 Rex Dieter <rdieter at fedoraproject.org> - 0.48.1-10
- rebuild(poppler)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #888249 - CVE-2012-5656 inkscape: XXE via SVG rasterization
        https://bugzilla.redhat.com/show_bug.cgi?id=888249
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update inkscape' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list