Accepted librecad 2.1.2-1+deb9u3 (source) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 3 Feb 2022 13:11:44 CET
Source: librecad
Binary: librecad librecad-data
Architecture: source
Version: 2.1.2-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
librecad - Computer-aided design (CAD) system
librecad-data - Computer-aided design (CAD) system -- shared files
Checksums-Sha1:
fc6c4580e22479092ce754226f10cf74fd782d7d 2415 librecad_2.1.2-1+deb9u3.dsc
40b718d3aea49f3c03a14f16735dedc62792001a 17428 librecad_2.1.2-1+deb9u3.debian.tar.xz
a21e2e48dbcea876e4cbe6f0891b307d086fff97 13969 librecad_2.1.2-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
ae4d657152fc5abe5cb5ba9f9f588585bc0eb2a092bb3603f3a87e3718b9e828 2415 librecad_2.1.2-1+deb9u3.dsc
f5c79da1b8fd63f5706f0bf211d19c148c5c85d440acb71c14fc00b27f21e9c3 17428 librecad_2.1.2-1+deb9u3.debian.tar.xz
9fb4a86f358786e2361b57a83b2be32c361869e40d97ec487d91331f78981878 13969 librecad_2.1.2-1+deb9u3_amd64.buildinfo
Changes:
librecad (2.1.2-1+deb9u3) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2021-45341 and CVE-2021-45342:
A buffer overflow vulnerability in CDataMoji of the jwwlib component of
LibreCAD allows an attacker to achieve Remote Code Execution using a
crafted JWW document.
* Fix CVE-2021-45343:
In LibreCAD, a NULL pointer dereference in the HATCH handling of libdxfrw
allows an attacker to crash the application using a crafted DXF document.
Files:
8e314dde964504d406ff8fdd0e049814 2415 graphics optional librecad_2.1.2-1+deb9u3.dsc
2d3067f1bb6e7277d1d39be2ea871023 17428 graphics optional librecad_2.1.2-1+deb9u3.debian.tar.xz
baaef29374e82d061310d430691fac3f 13969 graphics optional librecad_2.1.2-1+deb9u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmH7xrtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkPQcP/0sGBaOHFItiuEviRJzzs/Tm/x1yO2ADHuLe
edP9audoDAmTvHRa3IDVliwwucB28JFGL4X8eYWP5TYP7QIsAyzbcvR7y8Yg2vj+
onNwgP+QWBshYxqG69dhqjL5XXfXCX9gYc+DgxLDE9inX7eWu2pncgAgXaG/0CMD
MKge3E9mIXG0i5L1ZDNbD5uT/MDeYdjZfldLs05SMRkq4MVgneg+hM3jD/POviJc
dmU7w0NSwcY/A5lXIZ81Q1qx0GiEGkNdf//sm6qOesfRfKllJ2MVxkYhEo1BGC04
+pNtoqN3P434oZ/w7ZcYFAZqtZuKGPu7r7S6+DlifCrWecgwcKEjvfZ9Xkbvmo0b
xqKohw8dreQooEj6qggnqWKTJNvSbLR5UnpjpVyd49/+5VN0bo9CEdn1zhwZQuaX
9Bb+Rg6/eTaQDzycOJW5tTUjNDCjdcKGazmRWqF+2v85KJ1rfznSPOuUnDlJIIzJ
JgttfYJbxWf6DAJVFa6hWPVXUlq0XfFie0PlfiFM01E9jOBNAr4MM2aC2LnLwQhQ
LXDwKaV98UeYJCnPyY4ODzs4AN89Ce/owKDW6+7SvWvM/t2hzPZ7g4fYUJOdT1CV
33VhOIykHLcWflTA7c0M6icVqpNnLTJKTBZoh47OnyfC7nD2ZpHWwwiwNwt+iXUI
XxZ9lDP4
=cDsU
-----END PGP SIGNATURE-----