Skip to content

1.0.21
Compare
Choose a tag to compare
@liZe liZe released this 14 Jul 09:02
· 463 commits to main since this release
1.0.21
f46ff11

WARNING: this is a security update.

CairoSVG was vulnerable to XML eXternal Entity (XXE) attacks, this release
fixes this vulnerability by not resolving the XML entities anymore.

The --unsafe option has been added to force the resolution of XML
entities. Obviously, this option is not safe and should only be used with
trusted SVG files.

Assets 2
Loading