Package: svgsalamander / 1.1.1+dfsg-3

Metadata

Package Version Patches format
svgsalamander 1.1.1+dfsg-3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 Make build use system libraries.patch | (download)

svg-core/build.xml | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 make build use system libraries
0002 Disable useless automated jar signing.patch | (download)

svg-core/build.xml | 16 0 + 16 - 0 !
1 file changed, 16 deletions(-)

 disable jar signing in ant script
0005 dont call netbeans ant tasks.patch | (download)

svg-core/build.xml | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 skip some netbeans ant tasks by setting mkdist.disabled:=true
0006 modify broken upstream pom.patch | (download)

svg-core/pom.xml | 146 2 + 144 - 0 !
1 file changed, 2 insertions(+), 144 deletions(-)

 fix version and remove build information and ant dependency
  in outdated upstream pom.xml (outdated according to author)
0007 CVE 2017 5617 Allow only data scheme.patch | (download)

svg-core/src/main/java/com/kitfox/svg/ImageSVG.java | 68 28 + 40 - 0 !
1 file changed, 28 insertions(+), 40 deletions(-)

 fix cve-2017-5617: svgsalamander ssrf (server-side request forgery)
 See: http://www.openwall.com/lists/oss-security/2017/01/27/3