openSUSE Build Service

Security update for libredwg

This update for libredwg fixes the following issues:

libredwg was updated to release 0.10:

API breaking changes:

* Added a new int *isnewp argument to all dynapi utf8text
getters, if the returned string is freshly malloced or not.
* removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and
UNKNOWN_ENT left, with common_entity_data.
* renamed BLOCK_HEADER.preview_data to preview,
preview_data_size to preview_size.
* renamed SHAPE.shape_no to style_id.
* renamed CLASS.wasazombie to is_zombie.

Bugfixes:

* Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
* Fixed encoding of added r2000 AUXHEADER address.
* Fixed EED encoding from dwgrewrite.
* Add several checks against
[CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522],
[CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524],
[CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526],
[CVE-2020-6615, boo#1160527]

Submitted by Jan Engelhardt (jengelh)

Fixed bugs

VUL-1: CVE-2020-6615: libredwg: invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c

bnc#1160522

VUL-1: CVE-2020-6610: libredwg: excessive memory allocation in read_sections_map in decode_r2007.c

bnc#1160524

VUL-1: CVE-2020-6612: libredwg: heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c

bnc#1160520

VUL-1: CVE-2020-6609: libredwg: heap-based buffer over-read in read_pages_map in decode_r2007.c

bnc#1160525

VUL-1: CVE-2020-6613: libredwg: heap-based buffer over-read in bit_search_sentinel in bits.c.

bnc#1160523

VUL-1: CVE-2020-6611: libredwg: NULL pointer dereference in get_next_owned_entity in dwg.c

bnc#1160526

VUL-1: CVE-2020-6614: libredwg: heap-based buffer over-read in bfr_read in decode.c

Places

Fixed bugs

Selected Binaries

Places