This bug was fixed in the package librsvg - 2.52.5+dfsg-3ubuntu0.2
---
librsvg (2.52.5+dfsg-3ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Arbitrary file read when xinclude href has special
characters
- debian/patches/CVE-2023-38633.patch: validate URLs in
** Changed in: librsvg (Ubuntu)
Assignee: (unassigned) => Sebastien Bacher (seb128)
** Tags removed: rls-jj-incoming
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to librsvg in Ubuntu.
https://bugs.launchpad.net/bugs/1976259
** Changed in: librsvg (Ubuntu)
Importance: Undecided => High
** Changed in: librsvg (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to librsvg in Ubuntu.
https://bugs.launchpad.net/bugs/1976259
