Lucene search

K
suseSuseOPENSUSE-SU-2020:0096-1
HistoryJan 23, 2020 - 12:00 a.m.

Security update for libredwg (moderate)

2020-01-2300:00:00
lists.opensuse.org
46

EPSS

0.002

Percentile

59.8%

An update that fixes 7 vulnerabilities is now available.

Description:

This update for libredwg fixes the following issues:

libredwg was updated to release 0.10:

API breaking changes:

  • Added a new int *isnewp argument to all dynapi utf8text getters, if the
    returned string is freshly malloced or not.
  • removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and
    UNKNOWN_ENT left, with common_entity_data.
  • renamed BLOCK_HEADER.preview_data to preview, preview_data_size to
    preview_size.
  • renamed SHAPE.shape_no to style_id.
  • renamed CLASS.wasazombie to is_zombie.

Bugfixes:

  • Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
  • Fixed encoding of added r2000 AUXHEADER address.
  • Fixed EED encoding from dwgrewrite.
  • Add several checks against [CVE-2020-6609, boo#1160520], [CVE-2020-6610,
    boo#1160522], [CVE-2020-6611, boo#1160523], [CVE-2020-6612,
    boo#1160524], [CVE-2020-6613, boo#1160525], [CVE-2020-6614,
    boo#1160526], [CVE-2020-6615, boo#1160527]

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or β€œzypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-96=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1x86_64<Β - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm

EPSS

0.002

Percentile

59.8%

Related for OPENSUSE-SU-2020:0096-1