-
librsvg (2.54.7+dfsg-2) unstable; urgency=medium
* Cherry-pick unstable-options patch to fix build with newer rustc
* Set upstream metadata field Security-Contact
* debian/control.in: Update Build-Depends: libfreetype6-dev -> libfreetype-dev
* Update standards version to 4.6.2, no changes needed
-- Jeremy BĂcha <email address hidden> Mon, 14 Aug 2023 14:10:15 -0400
-
librsvg (2.54.5+dfsg-1ubuntu5) mantic; urgency=medium
* Don't pass -Z unstable-options to newer rustc to fix FTBFS
- debian/patches/no-rust--z.patch
-- Marc Deslauriers <email address hidden> Fri, 28 Jul 2023 13:59:56 -0400
-
librsvg (2.54.5+dfsg-1ubuntu4) mantic; urgency=medium
* SECURITY UPDATE: Arbitrary file read when xinclude href has special
characters
- debian/patches/CVE-2023-38633.patch: validate URLs in
include/librsvg/rsvg.h, src/error.rs, src/lib.rs,
src/url_resolver.rs, tests/*.
- CVE-2023-38633
-- Marc Deslauriers <email address hidden> Fri, 28 Jul 2023 08:48:51 -0400
-
librsvg (2.54.5+dfsg-1ubuntu3) mantic; urgency=medium
* Restore the librsvg2-tests build and corresponding autopkgtests
which were set up a while ago but disabled to avoid having the upload
blocked in the Debian NEW queue. Include the svg needed for the tests.
-- Sebastien Bacher <email address hidden> Tue, 13 Jun 2023 12:50:31 +0200
-
librsvg (2.54.5+dfsg-1ubuntu2) lunar; urgency=medium
* Don't fail the build on tests issues on s390x
-- Sebastien Bacher <email address hidden> Tue, 21 Mar 2023 15:45:43 +0100