USN-2149-2: GTK+ update
17 March 2014
This update provides a compatibility fix for GTK+.
Releases
Packages
- gtk+3.0 - GTK+ graphical user interface library
Details
USN-2149-1 fixed a vulnerability in librsvg. This update provides a
compatibility fix for GTK+ to work with the librsvg security update.
Original advisory details:
It was discovered that librsvg would load XML external entities by default.
If a user were tricked into viewing a specially crafted SVG file, an
attacker could possibly obtain access to arbitrary files.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10
Ubuntu 12.04
After a standard system update you need to restart your session to make all
the necessary changes.
References
Related notices
- USN-2149-1: librsvg, librsvg2-2