Description
Security update for libredwg
This update for libredwg fixes the following issues:
libredwg was updated to release 0.9.3:
- Added the -x,--extnames option to dwglayers for r13-r14 DWGs.
- Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle for r13.
- Add DICTIONARY.itemhandles[] for r13 and r14.
- Fixed some dwglayers null pointer derefs, and flush its output for each layer.
- Added several overflow checks from fuzzing [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826], [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828], [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]
- Disallow illegal SPLINE scenarios [CVE-2019-20009, boo#1159824]
Update to release 0.9.1:
- Fixed more null pointer dereferences, overflows, hangs and memory leaks for fuzzed (i.e. illegal) DWGs.
Update to release 0.9 [boo#1154080]:
- Added the DXF importer, using the new dynapi and the r2000 encoder. Only for r2000 DXFs.
- Added utf8text conversion functions to the dynapi.
- Added 3DSOLID encoder.
- Added APIs to find handles for names, searching in tables and dicts.
- API breaking changes - see NEWS file in package.
- Fixed null pointer dereferences, and memory leaks (except DXF importer) [boo#1129868, CVE-2019-9779] [boo#1129869, CVE-2019-9778] [boo#1129870, CVE-2019-9777] [boo#1129873, CVE-2019-9776] [boo#1129874, CVE-2019-9773] [boo#1129875, CVE-2019-9772] [boo#1129876, CVE-2019-9771] [boo#1129878, CVE-2019-9775] [boo#1129879, CVE-2019-9774] [boo#1129881, CVE-2019-9770]
Update to 0.8:
- add a new dynamic API, read and write all header and object fields by name
- API breaking changes
- Fix many errors in DXF output
- Fix JSON output
- Many more bug fixes to handle specific object types
Package list
openSUSE Leap 15.1
References
- E-Mail link for openSUSE-SU-2020:0068-1
- SUSE Security Ratings
- SUSE Bug 1129868
- SUSE Bug 1129869
- SUSE Bug 1129870
- SUSE Bug 1129873
- SUSE Bug 1129874
- SUSE Bug 1129875
- SUSE Bug 1129876
- SUSE Bug 1129878
- SUSE Bug 1129879
- SUSE Bug 1129881
- SUSE Bug 1154080
- SUSE Bug 1159824
- SUSE Bug 1159825
- SUSE Bug 1159826
- SUSE Bug 1159827
- SUSE Bug 1159828
- SUSE Bug 1159831
- SUSE Bug 1159832
Description
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_SPLINE_private in dwg.spec.
Affected products
References
- CVE-2019-20009
- SUSE Bug 1159824
Description
An issue was discovered in GNU LibreDWG 0.92. There is a use-after-free in resolve_objectref_vector in decode.c.
Affected products
References
- CVE-2019-20010
- SUSE Bug 1159825
Description
An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.
Affected products
References
- CVE-2019-20011
- SUSE Bug 1159826
- SUSE Bug 1174236
Description
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_HATCH_private in dwg.spec.
Affected products
References
- CVE-2019-20012
- SUSE Bug 1159827
Description
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in decode_3dsolid in dwg.spec.
Affected products
References
- CVE-2019-20013
- SUSE Bug 1159828
Description
An issue was discovered in GNU LibreDWG before 0.93. There is a double-free in dwg_free in free.c.
Affected products
References
- CVE-2019-20014
- SUSE Bug 1159831
Description
An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead to an attempted excessive memory allocation in dwg_decode_LWPOLYLINE_private in dwg.spec.
Affected products
References
- CVE-2019-20015
- SUSE Bug 1159832
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the y dimension.
Affected products
References
- CVE-2019-9770
- SUSE Bug 1129881
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function bit_convert_TU at bits.c.
Affected products
References
- CVE-2019-9771
- SUSE Bug 1129876
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LEADER at dwg.spec.
Affected products
References
- CVE-2019-9772
- SUSE Bug 1129875
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer overflow in the function dwg_decode_eed_data at decode.c for the z dimension.
Affected products
References
- CVE-2019-9773
- SUSE Bug 1129874
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function bit_read_B at bits.c.
Affected products
References
- CVE-2019-9774
- SUSE Bug 1129879
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an out-of-bounds read in the function dwg_dxf_BLOCK_CONTROL at dwg.spec.
Affected products
References
- CVE-2019-9775
- SUSE Bug 1129878
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779).
Affected products
References
- CVE-2019-9776
- SUSE Bug 1129868
- SUSE Bug 1129873
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dxf_header_write at header_variables_dxf.spec.
Affected products
References
- CVE-2019-9777
- SUSE Bug 1129870
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a heap-based buffer over-read in the function dwg_dxf_LTYPE at dwg.spec.
Affected products
References
- CVE-2019-9778
- SUSE Bug 1129869
Description
An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (earlier than CVE-2019-9776).
Affected products
References
- CVE-2019-9779
- SUSE Bug 1129868
- SUSE Bug 1129873