Описание
Security update for librecad
This update for librecad fixes the following issues:
- CVE-2021-45341: Fixed a buffer overflow vulnerability in LibreCAD that allowed an attacker to achieve remote code execution via a crafted JWW document [boo#1195105]
- CVE-2021-45342: Fixed a buffer overflow vulnerability in jwwlib in LibreCAD allows an attacker to achieve remote code execution via a crafted JWW document [boo#1195122]
Список пакетов
SUSE Package Hub 15 SP3
librecad-2.2.0~rc3-bp153.2.9.1
librecad-parts-2.2.0~rc3-bp153.2.9.1
openSUSE Leap 15.3
librecad-2.2.0~rc3-bp153.2.9.1
librecad-parts-2.2.0~rc3-bp153.2.9.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0143-1
- SUSE Security Ratings
- SUSE Bug 1195105
- SUSE Bug 1195122
- SUSE CVE CVE-2021-45341 page
- SUSE CVE CVE-2021-45342 page
Описание
A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
Затронутые продукты
SUSE Package Hub 15 SP3:librecad-2.2.0~rc3-bp153.2.9.1
SUSE Package Hub 15 SP3:librecad-parts-2.2.0~rc3-bp153.2.9.1
openSUSE Leap 15.3:librecad-2.2.0~rc3-bp153.2.9.1
openSUSE Leap 15.3:librecad-parts-2.2.0~rc3-bp153.2.9.1
Ссылки
- CVE-2021-45341
- SUSE Bug 1195105
Описание
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
Затронутые продукты
SUSE Package Hub 15 SP3:librecad-2.2.0~rc3-bp153.2.9.1
SUSE Package Hub 15 SP3:librecad-parts-2.2.0~rc3-bp153.2.9.1
openSUSE Leap 15.3:librecad-2.2.0~rc3-bp153.2.9.1
openSUSE Leap 15.3:librecad-parts-2.2.0~rc3-bp153.2.9.1
Ссылки
- CVE-2021-45342
- SUSE Bug 1195122