-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 18 Aug 2022 15:02:04 +0800 Source: freecad Architecture: source Version: 0.19.1+dfsg1-2+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org> Changed-By: Aron Xu <aron@debian.org> Changes: freecad (0.19.1+dfsg1-2+deb11u1) bullseye-security; urgency=medium . * Non-maintainer upload by the Security Team. * CVE-2021-45844 and CVE-2021-45845: - Fix two external command execution issues in Python scripts that are vunlnerbale to OS command injection when crafted input file is applied Checksums-Sha1: f942049bb08fc68f4447f1101f61a0382807b733 3002 freecad_0.19.1+dfsg1-2+deb11u1.dsc 89a06b08061884f5c17cea81feff2466e47078c0 34522364 freecad_0.19.1+dfsg1.orig.tar.xz 26a2da0cfef62227d056a1425ec7e47c19a85df4 29284 freecad_0.19.1+dfsg1-2+deb11u1.debian.tar.xz acde744830954d594a27f9ff1527de24666c330a 8001 freecad_0.19.1+dfsg1-2+deb11u1_source.buildinfo Checksums-Sha256: 6fb8e7ac68c5b373d4ace2d0800b3801f6cd7cb8cd52a73e0bd7bfe6ed18149e 3002 freecad_0.19.1+dfsg1-2+deb11u1.dsc 6f2c62def05afc720de33567ccbd5d53ee48a138d6978450c2f180c18a50d185 34522364 freecad_0.19.1+dfsg1.orig.tar.xz 64ef82ae785db5bf05fcaba96980b68c513b20aadb28d38f37655704de701b5e 29284 freecad_0.19.1+dfsg1-2+deb11u1.debian.tar.xz 25fb763a459299abef2b3af24e2bd81ad3854b95e94ea9b8c4a81d6793663e66 8001 freecad_0.19.1+dfsg1-2+deb11u1_source.buildinfo Files: 6850f57757a60b55358ffc899bb477ad 3002 science optional freecad_0.19.1+dfsg1-2+deb11u1.dsc 989a7907ff223ca6887e4e8a99de3618 34522364 science optional freecad_0.19.1+dfsg1.orig.tar.xz e7c0dcfa5a1e868574bc1a8b6f42fb7a 29284 science optional freecad_0.19.1+dfsg1-2+deb11u1.debian.tar.xz a11eb4f8a3f6a9b5f8d74189140f70aa 8001 science optional freecad_0.19.1+dfsg1-2+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmMetKYACgkQO1LKKgqv 2VRlBwf/aUbugxi2GKGRRez+C0couZwk+MNaWD2ZIcqpz89sB2G21ynrYUdMrE44 jtLSOXSZRUwW2FbG4huIj9zjTDeRMwVmeQLInAMWWvtFqCd06xQKfgr2yWdtBoSy 881b/oMSZosgRbV4Mdurp/9XiT6sVf4j58WfMMkjOzawG9mInl2ngPuco9IYzOsd VsjKgTZv2UlHUBCSmjmO7N3rLhAOxDYddn0eGyMD2hDOs0Ql/8zbHmZqrtdC4+eT 8BjQuySMKxUZ006VoiR6YF/Ii29bRwJ/43Xgi46V4mhrKhHslbyEozBtk+ewvMjK az4suJq/P7GPXqx3ZDL7H4YBNGBRAQ== =uy3k -----END PGP SIGNATURE-----