pkgsrc/graphics/librsvg-c/distinfo
leot 0248f26d21 librsvg-c: Update to 2.40.21
pkgsrc changes:
 - Remove patches/patch-test-driver: applied upstream

Changes:
2.40.21
-------
 - CVE-2019-20446 - Backport the following fixes from 2.46.x:
 - #515 - Librsvg now has limits on the number of loaded XML elements,
   and the number of referenced elements within an SVG document.  This
   is to mitigate malicious SVGs which try to consume all memory, and
   those which try to consume an exponential amount of CPU time.
 - #308 - Fix stack exhaustion with circular references in <use> elements.
 - #323 - Fix a denial-of-service condition from exponential explosion
   of rendered elements, through nested use of SVG "use" elements in
   malicious SVGs.  This is similar to the XML "billion laughs attack"
   but for SVG instancing.
2020-03-03 13:04:34 +00:00

6 lines
413 B
Text

$NetBSD: distinfo,v 1.2 2020/03/03 13:04:34 leot Exp $
SHA1 (librsvg-2.40.21.tar.xz) = 063d1ca696633d43c462e1ca3e8be3145559d954
RMD160 (librsvg-2.40.21.tar.xz) = 5135ad75e976658936d03655faa37f9ed1c11a3e
SHA512 (librsvg-2.40.21.tar.xz) = db0563d8e0edaae642a6b2bcd239cf54191495058ac8c7ff614ebaf88c0e30bd58dbcd41f58d82a9d5ed200ced45fc5bae22f2ed3cf3826e9348a497009e1280
Size (librsvg-2.40.21.tar.xz) = 1655860 bytes