Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 6 Jul 2016 11:01:13 +0200
From: Salvatore Bonaccorso <>
To: Gustavo Grieco <>
Subject: Re: Browsing and attaching images considered harmful
 in Linux


On Mon, Jul 04, 2016 at 09:13:05PM +0200, Gustavo Grieco wrote:
> Fortunately, this issue is already solved in the last revision of
> librsvg2 (AFAIK, this issue has no CVE, so please MITRE assign one if
> suitable). Nevertheless, I reported such vulnerability to Mozilla more
> than a month ago hoping that they will disable the svg support in the
> open/attach widget. After some discussion, it was marked as WONTFIX.
> While i understand why, i still feel it can be productive to discuss
> this here.

If I correctly bisected with the reproducer, then the fix should be

If anyone can confirm that would be great.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ