A denial of service flaw was found in the way the librsvg2 library parsed SVG files. A specially crafted SVG file with circular definitions could cause an application using librsvg2 to crash. This flaw is in the rsvg_cairo_pop_discrete_layer(), rsvg_cairo_pop_render_stack(), and rsvg_cairo_generate_mask() functions. Reference (including reproducer): http://seclists.org/oss-sec/2016/q2/161
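The flaw described above is triggered by circular definitions, so a service that renders untrusted SVG can screen files for reference cycles before handing them to the renderer. The sketch below is an added example, not librsvg code or the upstream patch; the function names, the choice of `href` and `url(#...)` attributes as references, and the sample documents are assumptions made here.

```python
import re
import xml.etree.ElementTree as ET

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
URL_REF = re.compile(r"url\(\s*['\"]?#([^)'\"\s]+)")

def reference_graph(svg_text):
    """Map each element id to every id referenced by it or by its descendants."""
    graph = {}
    def walk(elem, owners):
        if elem.get("id"):
            owners = owners + [elem.get("id")]
            graph.setdefault(elem.get("id"), set())
        for name, value in elem.attrib.items():
            targets = set(URL_REF.findall(value))
            if name in ("href", XLINK_HREF) and value.startswith("#"):
                targets.add(value[1:])
            for owner in owners:
                graph[owner] |= targets
        for child in elem:
            walk(child, owners)
    # Stdlib parser for brevity; use a hardened XML parser on untrusted files.
    walk(ET.fromstring(svg_text), [])
    return graph

def find_cycle(graph):
    """Depth-first search; returns one cycle as a list of ids, or None."""
    done, path = set(), []
    def visit(node):
        if node in path:                      # back edge: node is on the current path
            return path[path.index(node):] + [node]
        if node in done or node not in graph: # already cleared, or dangling reference
            return None
        path.append(node)
        for target in sorted(graph[node]):
            cycle = visit(target)
            if cycle:
                return cycle
        path.pop()
        done.add(node)
        return None
    return next((c for c in map(visit, sorted(graph)) if c), None)

# Constructed samples, not the reproducer from the linked post.
SVG = '<svg xmlns="http://www.w3.org/2000/svg">%s</svg>'
ACYCLIC = SVG % '<linearGradient id="g"/><rect id="r" fill="url(#g)"/>'
CYCLIC = SVG % '<g id="a"><use href="#b"/></g><g id="b"><use href="#a"/></g>'
for label, doc in (("acyclic", ACYCLIC), ("cyclic", CYCLIC)):
    print(label, find_cycle(reference_graph(doc)))
```

The check is conservative: it treats any `href` to a fragment as a rendering reference, and a caller should reject the file on `ParseError` or `RecursionError` as well as on a reported cycle.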
Created librsvg2 tracking bugs for this issue: Affects: fedora-all [bug 1331727]
Created mingw-librsvg2 tracking bugs for this issue: Affects: fedora-all [bug 1331728]
Upstream fix: https://git.gnome.org/browse/librsvg/commit/?id=a51919f7e1ca9c535390a746fbf6e28c8402dc61
This CVE was rejected by Mitre.
Common Vulnerabilities and Exposures assigned an identifier CVE-2016-4347 to the following vulnerability:
Name: CVE-2016-4347
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4347
Assigned: 20160428
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER.
ConsultIDs: CVE-2015-7558.
Reason: This candidate is a reservation duplicate of CVE-2015-7558.
Notes: All CVE users should reference CVE-2015-7558 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Statement: This flaw was found to be a duplicate of CVE-2015-7558. Please see https://access.redhat.com/security/cve/CVE-2015-7558 for information about affected products and security errata.