-
librecad (2.1.3-3) unstable; urgency=medium
* Team upload.
* Add patches for CVE-2021-45341, CVE-2021-45342, CVE-2021-45343
-- Aron Xu <email address hidden> Sun, 30 Jan 2022 20:47:48 +0800
-
librecad (2.1.3-2) unstable; urgency=medium
* Team upload.
* Apply patches for following CVEs, thanks to Sylvain Beucler <beuc>
- CVE-2021-21898: A code execution vulnerability exists in the
dwgCompressor::decompress18() functionality of LibreCad libdxfrw. A
specially-crafted .dwg file can lead to an out-of-bounds write.
- CVE-2021-21899: A code execution vulnerability exists in the
dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw. A
specially-crafted .dwg file can lead to a heap buffer overflow.
- CVE-2021-21900: A code execution vulnerability exists in the
dxfRW::processLType() functionality of LibreCad libdxfrw. A
specially-crafted .dxf file can lead to a use-after-free
vulnerability.
-- Aron Xu <email address hidden> Tue, 18 Jan 2022 12:05:14 +0000
-
librecad (2.1.3-1.3) unstable; urgency=medium
* Non-maintainer upload.
* Backport upstream fix for FTBFS with Qt 5.15. (Closes: #975160)
-- Adrian Bunk <email address hidden> Fri, 29 Jan 2021 01:22:36 +0200