3 matches found
openSUSE 15 Security Update : libredwg (openSUSE-SU-2023:0201-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0201-1 advisory. - LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decodepreR13section at decoder11.c. CVE-2022-33025 -...
OPENSUSE-SU-2023:0201-1 Security update for libredwg
This update for libredwg fixes the following issues: Update to version 0.12.5.5907 Security issues fixed: CVE-2022-33025: Fixed multiple security issues boo1200898 CVE-2023-36271: Fixed heap buffer overflow via the function bitwcs2nlen boo1212709 CVE-2023-36272: Fixed heap buffer overflow via the...
CVE-2023-36273
CVE-2023-36273 affects LibreDWG in version 0.12.5, where a heap buffer overflow is triggered by the function bit_calc_CRC in bits.c. This is confirmed across multiple sources (NVD entry and OSS/openSUSE advisories) and is addressed by updating to LibreDWG v0.12.5.5907, which fixes the heap buffer...