An update that fixes three vulnerabilities is now available.
Description:
This update for libdxfrw, librecad fixes the following issues:
-
Update to version 1.0.1+git.20220109:
- fixed ambiguous error for DRW_Dimension::parseDwg()
- fixed enless while()-loop for pre 2004 versions
- dwgReader::readDwgObjects() stop reading after 1st error
- dwgReader::readDwgEntities() stop reading after 1st error
- replace ENTRY_PARSE macro with template method
- remove unused DRW_Class::parseCode() method
- protect vector<>.reserve() calls
- Added NULL check for hatch code 93
- Fix bounds check in DRW_LWPolyline
- fix, check maxClassNum for valid value
- fixed wrong 2010+ check for 64-bit size
- Set compiler warnings on by default, because makes harder for bugs to
go undetected. modified: CMakeLists.txt
- Fixed fall through and other warnings (#54)
- fix “Vertex ID” printout
-
Update to version 1.0.1+git.20211110:
- fixed heap use after free vulnerability CVE-2021-21900 (boo#1192938)
- minor improvements to dwg2dxf, formatting and message output on success
- fixed heap buffer overflow vulnerability CVE-2021-21899 (boo#1192937)
- dwg2dxf - enable debug output of libdxfrw by command line switch
- fixed out-of-bounds write vulnerability CVE-2021-21898 (boo#1192936)
- fixed please note section formatting
- updated README.md for LibreCAD_3 branch and sf.net successor
- fixed LibreCAD 2 issue #1371, read failed with binary DXF
- Use ununordered_map instead of map
- manual merge changes from LibreCAD2
- and much more
-
Update to version 1.0.1+git.20200429:
- Fix includes install dir
- Export target as libdxfrw::libdxfrw to keep consistency with Conan
packages
- Add archive destination in install
- Install DXFRW::dxfrw target
- Remove duplicate target properties
- Remove version from pkg-config file
- Let CMake handle C++11 compiler definition
- Change minimal required CMake version to 3.0
- cmake: add doc target
- README.md: fix typo
- cmake: generate and install pkgconfig
- cmake: add one for dwg2dxf
- cmake: set library VERSIONs
- cmake: use GNUInstallDirs
-
Update to version 0.6.3+git.20190501:
- Add build status and update example link
- Add Travis-CI script
- [#10] Fix compilation on GCC
- Fix bugs with .dwg import of TEXT and MTEXT entities
- This was unnecessary
- Link libdxfrw against libstdc++
- Return an error when the file ends prematurely
- Add version getter
- Fix polyline 2d/3d write
- Initialize return buffers in GetRawChar8 et al.
-
update to 2.2.0-rc3
- major release
- DWG imports are more reliable now
- and a lot more of bugfixes and improvements
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product: