-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 18 Jan 2022 12:05:14 +0000 Source: librecad Architecture: source Version: 2.1.3-2 Distribution: unstable Urgency: medium Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org> Changed-By: Aron Xu <aron@debian.org> Changes: librecad (2.1.3-2) unstable; urgency=medium . * Team upload. * Apply patches for following CVEs, thanks to Sylvain Beucler <beuc> - CVE-2021-21898: A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw. A specially-crafted .dwg file can lead to an out-of-bounds write. - CVE-2021-21899: A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw. A specially-crafted .dwg file can lead to a heap buffer overflow. - CVE-2021-21900: A code execution vulnerability exists in the dxfRW::processLType() functionality of LibreCad libdxfrw. A specially-crafted .dxf file can lead to a use-after-free vulnerability. Checksums-Sha1: 1fc0f8e9ad5b859c6d4a6e73554d9b575837be98 1897 librecad_2.1.3-2.dsc eac60a4e7eadf2969d34f289059053cff4068309 22415288 librecad_2.1.3.orig.tar.gz f818caba888c99d033ecfbb2d2852ab7d3c236a8 17700 librecad_2.1.3-2.debian.tar.xz d4287b7207a4ba7eaec25b7925f647e17f2acd20 6912 librecad_2.1.3-2_source.buildinfo Checksums-Sha256: 70c07762fd3f52a5139c244d54730817d68ccc21183f72e4c62c87f6e4787a90 1897 librecad_2.1.3-2.dsc 74c4ede409b13d0365c65c0cd52dba04f1049530f6df706dc905443d5e60db06 22415288 librecad_2.1.3.orig.tar.gz 0633634c3445a9c43de817a7bd222a7efd81fdea63aca52338caf5829630f278 17700 librecad_2.1.3-2.debian.tar.xz 19bda6ff71bd6199495aecee4ac8eb628a10fe0665e5e0c2792087c6d748c508 6912 librecad_2.1.3-2_source.buildinfo Files: dcdf84201d4792a420fa0fc5846a0c3b 1897 graphics optional librecad_2.1.3-2.dsc cef168e90e247c4a20ec81dd9686110e 22415288 graphics optional librecad_2.1.3.orig.tar.gz 70af54ff8c32be55d1f305616dbddc13 17700 graphics optional librecad_2.1.3-2.debian.tar.xz 306aadf1600388d7bc76a3380ee5c03e 6912 graphics optional librecad_2.1.3-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE+ecpf0kXAAxPjLtll/gMr2GMl1wFAmHmvPoACgkQl/gMr2GM l1wb4gf/RQSv2xfGjGkxB2EoC+pheAuMsZFeBpjSntpk+fat0rn6BzzFQ7Rh3cbs YR5jM7ge0EEUUnIbNGeLdXF2JGbo9gM3pTLEIgV4t+01+JZWC13pJD9DqYnnMApz sH+0L2Kk8id9x1EW4SOES0s9wXd1YDjDBDxZIX1UNZUZvizXiaxsaII+Hf3E7xdO Kv1OPFJ5ovXnc/8XWXmxda+Bsa5Jvt778T6eB4amQ+QJc8YsPY/t0P4ejfiB3ZYL C21Vc8Iz2cnjMkRMzdbN3b3cdj+kMuPWNLOKy94r+zx3Qh2sdaHDtGsYaPkVdmpE sHcX+hYcHKJ2k62My+B+v2Yc4EeTQg== =Itnw -----END PGP SIGNATURE-----
