Skip to content

Commit

Permalink
Version 2.5.1
Browse files Browse the repository at this point in the history
  • Loading branch information
@liZe
liZe committed Jan 6, 2021
1 parent cfc9175 commit 44c5d42
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 1 deletion.
21 changes: 21 additions & 0 deletions NEWS.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,27 @@
======


Version 2.5.1 released on 2021-01-06
====================================

**WARNING:** this is a security update.

When processing SVG files, CairoSVG was using two regular expressions which are
vulnerable to Regular Expression Denial of Service (REDoS).

If an attacker provided a malicious SVG, it could make CairoSVG get stuck
processing the file for a very long time.

Other bug fixes:

* Fix marker positions for unclosed paths
* Follow hint when only output_width or output_height is set
* Handle opacity on raster images
* Don’t crash when use tags reference unknown tags
* Take care of the next letter when A/a is replaced by l
* Fix misalignment in node.vertices


Version 2.5.0 released on 2020-10-29
====================================

Expand Down
2 changes: 1 addition & 1 deletion cairosvg/VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
2.5.0
2.5.1

0 comments on commit 44c5d42

Please sign in to comment.