File libredwg.changes of Package libredwg.11734
-------------------------------------------------------------------
Sun Dec 29 20:45:54 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.9.3
* Added the -x,--extnames option to dwglayers for r13-r14 DWGs.
* Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle
for r13.
* Add DICTIONARY.itemhandles[] for r13 and r14.
* Fixed some dwglayers null pointer derefs, and flush its output
for each layer.
* Added several overflow checks from fuzzing
[CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826],
[CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828],
[CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]
* Disallow illegal SPLINE scenarios
[CVE-2019-20009, boo#1159824]
-------------------------------------------------------------------
Wed Oct 30 14:46:09 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to release 0.9.1
* Fixed more null pointer dereferences, overflows, hangs and
memory leaks for fuzzed (i.e. illegal) DWGs.
- Update to release 0.9 [boo#1154080]
* Added the DXF importer, using the new dynapi and the r2000
encoder. Only for r2000 DXFs.
* Added utf8text conversion functions to the dynapi.
* Added 3DSOLID encoder.
* Added APIs to find handles for names, searching in tables
and dicts.
* API breaking changes - see NEWS file in package.
* Fixed null pointer dereferences, and memory leaks (except DXF
importer)
[boo#1129868, CVE-2019-9779]
[boo#1129869, CVE-2019-9778]
[boo#1129870, CVE-2019-9777]
[boo#1129873, CVE-2019-9776]
[boo#1129874, CVE-2019-9773]
[boo#1129875, CVE-2019-9772]
[boo#1129876, CVE-2019-9771]
[boo#1129878, CVE-2019-9775]
[boo#1129879, CVE-2019-9774]
[boo#1129881, CVE-2019-9770]
-------------------------------------------------------------------
Thu Aug 1 11:00:01 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
- update to 0.8:
* add a new dynamic API, read and write all header and object
fields by name
* API breaking changes
* Fix many errors in DXF output
* Fix JSON output
* Many more bug fixes to handle specific object types
-------------------------------------------------------------------
Mon Dec 10 09:49:22 UTC 2018 - astieger@suse.com
- update to 0.7:
* add API to retrieve all objects in a DWG
* various API breaking changes
* Various fixes for memory leaks and double free and other issues
-------------------------------------------------------------------
Sat Nov 10 12:26:48 UTC 2018 - astieger@suse.com
- update to 0.6.2:
* Improved handling of DWG files found in the wild
-------------------------------------------------------------------
Tue Aug 14 07:18:39 UTC 2018 - astieger@suse.com
- update to 0.6:
* API breaking changes:
+ Removed dwg_obj_proxy_get_reactors(), use dwg_obj_get_reactors() instead.
+ Renamed SORTENTSTABLE.owner_handle to SORTENTSTABLE.owner_dict.
+ Renamed all -as-rNNNN program options to --as-rNNNN.
* a number of bug fixes, correctness fixes and memory leak fixes
* Add support for more DWG objects
* Add pkg-config file
- drop patches (upstream): CVE-2018-14524.patch, CVE-2018-14471.patch
-------------------------------------------------------------------
Thu Aug 9 09:34:20 UTC 2018 - astieger@suse.com
- CVE-2018-14524: double free (boo#1102702)
add CVE-2018-14524.patch
- CVE-2018-14471: NULL pointer dereference DoS (boo#1102696)
add CVE-2018-14471.patch
-------------------------------------------------------------------
Sat Jul 14 10:00:58 UTC 2018 - jengelh@inai.de
- Trim redundant wording and future aims.
-------------------------------------------------------------------
Tue Jul 10 09:46:52 UTC 2018 - astieger@suse.com
- initial version (0.5)
