Описание
Security update for libredwg
This update for libredwg fixes the following issues:
Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]
- Restricted accepted DXF objects to all stable and unstable classes, minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e. most unstable objects do not allow unknown DXF codes anymore. This fixed most oss-fuzz errors.
Список пакетов
SUSE Package Hub 15 SP4
libredwg-devel-0.12.5-bp154.2.3.1
libredwg-tools-0.12.5-bp154.2.3.1
libredwg0-0.12.5-bp154.2.3.1
openSUSE Leap 15.4
libredwg-devel-0.12.5-bp154.2.3.1
libredwg-tools-0.12.5-bp154.2.3.1
libredwg0-0.12.5-bp154.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0155-1
- SUSE Security Ratings
- SUSE Bug 1193372
- SUSE CVE CVE-2021-28237 page
Описание
LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via decode_preR13.
Затронутые продукты
SUSE Package Hub 15 SP4:libredwg-devel-0.12.5-bp154.2.3.1
SUSE Package Hub 15 SP4:libredwg-tools-0.12.5-bp154.2.3.1
SUSE Package Hub 15 SP4:libredwg0-0.12.5-bp154.2.3.1
openSUSE Leap 15.4:libredwg-devel-0.12.5-bp154.2.3.1
Ссылки
- CVE-2021-28237
- SUSE Bug 1193372