Overview

File _patchinfo of Package patchinfo.17493

<patchinfo incident="17493">
  <issue tracker="bnc" id="1193372">VUL-0: CVE-2021-28237: libredwg: heap-buffer overflow via decode_preR13.</issue>
  <issue tracker="cve" id="2021-28237"/>
  <packager>jengelh</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libredwg</summary>
  <description>This update for libredwg fixes the following issues:

Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]

* Restricted accepted DXF objects to all stable and unstable
  classes, minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e.
  most unstable objects do not allow unknown DXF codes anymore.
  This fixed most oss-fuzz errors.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places