Back to librecad PTS page

Accepted librecad 2.1.2-1+deb9u3 (source) into oldoldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu,  3 Feb 2022 13:11:44 CET
Source: librecad
Binary: librecad librecad-data
Architecture: source
Version: 2.1.2-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 librecad   - Computer-aided design (CAD) system
 librecad-data - Computer-aided design (CAD) system -- shared files
Checksums-Sha1:
 fc6c4580e22479092ce754226f10cf74fd782d7d 2415 librecad_2.1.2-1+deb9u3.dsc
 40b718d3aea49f3c03a14f16735dedc62792001a 17428 librecad_2.1.2-1+deb9u3.debian.tar.xz
 a21e2e48dbcea876e4cbe6f0891b307d086fff97 13969 librecad_2.1.2-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
 ae4d657152fc5abe5cb5ba9f9f588585bc0eb2a092bb3603f3a87e3718b9e828 2415 librecad_2.1.2-1+deb9u3.dsc
 f5c79da1b8fd63f5706f0bf211d19c148c5c85d440acb71c14fc00b27f21e9c3 17428 librecad_2.1.2-1+deb9u3.debian.tar.xz
 9fb4a86f358786e2361b57a83b2be32c361869e40d97ec487d91331f78981878 13969 librecad_2.1.2-1+deb9u3_amd64.buildinfo
Changes:
 librecad (2.1.2-1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2021-45341 and CVE-2021-45342:
     A buffer overflow vulnerability in CDataMoji of the jwwlib component of
     LibreCAD allows an attacker to achieve Remote Code Execution using a
     crafted JWW document.
   * Fix CVE-2021-45343:
     In LibreCAD, a NULL pointer dereference in the HATCH handling of libdxfrw
     allows an attacker to crash the application using a crafted DXF document.
Files:
 8e314dde964504d406ff8fdd0e049814 2415 graphics optional librecad_2.1.2-1+deb9u3.dsc
 2d3067f1bb6e7277d1d39be2ea871023 17428 graphics optional librecad_2.1.2-1+deb9u3.debian.tar.xz
 baaef29374e82d061310d430691fac3f 13969 graphics optional librecad_2.1.2-1+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmH7xrtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkPQcP/0sGBaOHFItiuEviRJzzs/Tm/x1yO2ADHuLe
edP9audoDAmTvHRa3IDVliwwucB28JFGL4X8eYWP5TYP7QIsAyzbcvR7y8Yg2vj+
onNwgP+QWBshYxqG69dhqjL5XXfXCX9gYc+DgxLDE9inX7eWu2pncgAgXaG/0CMD
MKge3E9mIXG0i5L1ZDNbD5uT/MDeYdjZfldLs05SMRkq4MVgneg+hM3jD/POviJc
dmU7w0NSwcY/A5lXIZ81Q1qx0GiEGkNdf//sm6qOesfRfKllJ2MVxkYhEo1BGC04
+pNtoqN3P434oZ/w7ZcYFAZqtZuKGPu7r7S6+DlifCrWecgwcKEjvfZ9Xkbvmo0b
xqKohw8dreQooEj6qggnqWKTJNvSbLR5UnpjpVyd49/+5VN0bo9CEdn1zhwZQuaX
9Bb+Rg6/eTaQDzycOJW5tTUjNDCjdcKGazmRWqF+2v85KJ1rfznSPOuUnDlJIIzJ
JgttfYJbxWf6DAJVFa6hWPVXUlq0XfFie0PlfiFM01E9jOBNAr4MM2aC2LnLwQhQ
LXDwKaV98UeYJCnPyY4ODzs4AN89Ce/owKDW6+7SvWvM/t2hzPZ7g4fYUJOdT1CV
33VhOIykHLcWflTA7c0M6icVqpNnLTJKTBZoh47OnyfC7nD2ZpHWwwiwNwt+iXUI
XxZ9lDP4
=cDsU
-----END PGP SIGNATURE-----