it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5077-1] librecad security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5077-1] librecad security update
Date: Tue, 15 Feb 2022 19:59:25 +0000
List-archive: https://lists.debian.org/msgid-search/20220215195925.GA1534 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=lgQjLRdQeRsUXnJrIjqMB7c8rxucyTMdWcQjjq5ft+U=; b=TX dXzVVz+jeuwFDZK/FA9iEpvGVq2WclGnZwkZWK/GVty7GkmGF2X9s65cIYgG8C1XFUV4NAMhIs0Ls iH08j5E4CE0LpLz6P17Q65TVYEvZ3+vjdFI3hNneDMjkg1b7bPHScoeJCKha8YXB682wLvm63iMww r1a1kZr6sQG6Plzb6mCUJ/yfL919c202EQXKQgQf+IH7/tyO/tqbKnnQ4fk20VWaJ2ZveANJNi6Cg j7LHaWLHJyGyYVW61web5wUUotDRv4TbQ/gCK4D9Miu1g8TfuCNS4dX52n/mBdtYoG5gqt0flj7Le cvYSi9aMo9pKrno9xHzz2GIukkRUDJnA==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Tue, 15 Feb 2022 19:59:45 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <hRZg1dXwJr.A.tAF.xYADiB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5077-1 security AT debian.org
https://www.debian.org/security/ Aron Xu
February 15, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : librecad
CVE ID : CVE-2021-21898 CVE-2021-21899 CVE-2021-21900 CVE-2021-45341
CVE-2021-45342 CVE-2021-45343
Debian Bug : 1004518

Multiple security issues were discovered in LibreCAD, an application for
computer aided design (CAD) which could result in denial of service or
the execution of arbitrary code if a malformed CAD file is opened.

For the oldstable distribution (buster), these problems have been fixed
in version 2.1.3-1.2+deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 2.1.3-1.3+deb11u1.

We recommend that you upgrade your librecad packages.

For the detailed security status of librecad please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/librecad

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIL+S0ACgkQEMKTtsN8
Tjanig/+P9FddQyzoQIE9v/d6aGFaky37bXXzmiD/WdVXTu+ocv8eHBeoaIBGO33
OE5ZjhE/HBvSuisKf1qz0nkm34/VqwekRAcYK6jxeZpJngn96WTuuiz+s/NMnjKT
tn2EuWAM2o0B72PJ3plMW7bRdCheveDL/eM9OkXXbIs5Bj7zqnIKwx0Z1qRYQ/xx
9204jVnv+tfWpYQ4AwyMeKiIZHJExKfQTWkMsAVTjSKoMgorYHKO8qpgmJ0p7B5r
541tzkfcaekFzhyLItiDYUQhFMPF1jN2QotglvRiVJ9PyZX2+pOZ4QfJmI3axyVJ
mFOZbPCvOo0F22eBS0tDty+lM8wxHzhoGNC9OLtbqxDSWeR4mYk1SLgRt0aTCxX2
7Tw5SJteaP9GYTR5A08fEK+aKYxurQXbSd6STTcBQEC4cl76/OMpEYok0OPp7jw8
YQJz6lMUXdS17DMSmPQg6Tp5OVQ9uQL5HLRkqSBXqBOLK0HlUAfVMcs0FYwHnFTL
DlQMaM8clZRwrocE57eWgMSxqevYldIJ+3yVDNqYnHT0GHjUhxO85TtxZ7td5nri
fA9Dwcoxl6RssuELWJEQH5NnBguuBN2r5N8lDtNBx+Xm3TzqbjddFLT6YF8wQ4W5
r0d5BLeh3YIh6zmPHYsGKljsNpieNL7DrwQpmsZbbsMc7dMdleo=
=xrGU
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5077-1] librecad security update, Moritz Muehlenhoff, 15.02.2022

Archiv bereitgestellt durch MHonArc 2.6.24.