Skip to content

Draft: Update to 2.54.7 (Closes: #1041810, CVE-2023-38633)

Simon McVittie requested to merge wip/2.54.7 into debian/master
  • New upstream stable release 2.54.6
    • Fix a directory traversal vulnerability
      (Closes: #1041810, CVE-2023-38633)
    • Drop a redundant test-case that frequently regressed as a result of
      non-problematic font rendering changes
  • New upstream stable release 2.54.7
    • Fix compilation of 2.54.6 on rustc < 1.58
  • d/rules: Skip several known-failing reftests on big-endian architectures.
    These succeeded when librsvg_2.54.5+dfsg-1 was uploaded in September
    2022, but regressed sometime between then and the bookworm release,
    presumably as a result of changes in some other package.
    (Mitigates: #1038447)

Merge request reports

Loading