advisories/24592.adv

type: security
subject: Updated svgsalamander packages fix security vulnerability
CVE:
 - CVE-2017-5617
src:
  6:
   core:
     - svgsalamander-1.1.2-1.mga6
description: |
  A vulnerability was found in the svgsalamander library. If the library is
  being used in a web application for processing user supplied SVG files then
  the app is vulnerable to SSRF (CVE-2017-5617).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=24592
 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UPUOI6NCEB6H6YHKN7M4V3CAQD63NXAU/
ID: MGASA-2019-0160
1	tmb	8494	type: security
2			subject: Updated svgsalamander packages fix security vulnerability
3			CVE:
4			- CVE-2017-5617
5			src:
6			6:
7			core:
8			- svgsalamander-1.1.2-1.mga6
9			description: \|
10			A vulnerability was found in the svgsalamander library. If the library is
11			being used in a web application for processing user supplied SVG files then
12			the app is vulnerable to SSRF (CVE-2017-5617).
13			references:
14			- https://bugs.mageia.org/show_bug.cgi?id=24592
15			- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UPUOI6NCEB6H6YHKN7M4V3CAQD63NXAU/
16	tmb	8521	ID: MGASA-2019-0160