Update libdxfrw to 1.0.1 (from upstream git). Rebuild librecad against it.

This fixes CVE-2021-21898, CVE-2021-21899, and CVE-2021-21900.

This update has been submitted for testing by spot.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago
BZ#2025628 CVE-2021-21899 librecad: heap out-of-bounds write in dwgCompressor:copyCompBytes21
0
0
BZ#2025630 CVE-2021-21899 librecad: heap out-of-bounds write in dwgCompressor:copyCompBytes21 [epel-7]
0
0
BZ#2025631 CVE-2021-21900 librecad: use-after-free in dxfRW:processLType()
0
0
BZ#2025632 CVE-2021-21900 librecad: use-after-free in dxfRW:processLType() [epel-7]
0
0
BZ#2025634 CVE-2021-21898 librecad: out-of-bounds write in dwgCompressor:decompress18()
0
0
BZ#2025635 CVE-2021-21898 librecad: out-of-bounds write in dwgCompressor:decompress18() [epel-7]
0
0

Automated Test Results