[SECURITY] [DLA 3046-1] librecad security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 3046-1] librecad security update
From: "Chris Lamb" <lamby@debian.org>
Date: Tue, 7 Jun 2022 04:21:50 -0400 (EDT)
Message-id: <[🔎] 165459008638.398391.8088532005429522019@copycat>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3046-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
June 07, 2022                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : librecad
Version        : 2.1.2-1+deb9u4
CVE ID         : CVE-2021-21897
Debian Bug     : #1010349

It was discovered that there was a potential heap buffer overflow in
librecad, a popular computer-aided design (CAD) system. A specially
crafted .dxf file could have led to arbitrary code execution.

For Debian 9 "Stretch", this problem has been fixed in version
2.1.2-1+deb9u4.

We recommend that you upgrade your librecad packages.

For the detailed security status of librecad please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/librecad

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmKfCoUACgkQHpU+J9Qx
Hlj+9g/+JKfN7j84iKQkOOzoSJtT9/di0kkFQO6vJXmTrRPrLhlppYQ2MxKSuWn7
7ZIdCCAh5c4+04CSgpKta/Ha2piQRD5nELzoOT+Gi3fkMWTI0VfiOUbP/TPm5hF4
+jE2V8TqqjTgLjgWDPR1R2rd68ZRXAF96p83Jej0wwWAUQ5uWTGGRed42dPxgoLK
kd0UIjMPw1l4TkyuG6/SsDI3TO0c36A+3Bj50lq7Sp3XUCsDdUgdT54uqC2BH4P+
faLqhr897Q9GjyfHQxOXrsijbhgdqfmccY+C6R95IxXzUsbFS6wLd7RRHByNMIpm
/OnCBq2ZnyxaTxdd8oiFn7TXfXIBjlcDvA4H4VmqbCI68mCRhnSIC5oFk1qKn1ow
iV4XWLaOOkrXyPklAYZVndBrcJi1BrnKA+FhPcUW/Rm0c3fBxmV9AxnRGL0v3L1o
VpVJD4U6mXD5Mb39PNBOaRjUVeasZ7CtqPd+dzclFyN+ag7Wt61eAOvEAzL4PTqO
tTybCzoJhpc+DB1g6EmG+DZ6oISKil7pjwoHv8J790pbEELYJaHzVX6NpJ4CX7Ez
dXjuEn3UO5Q+U5QxTezzz4HmDD9WpBUwc7uIgLjhzix5d6TkKGzCN2fE0j9kzVyC
MJBjmLADeNqvHSve4RJlhdqfNqXGL9/92dMCkBpKjkUz1gI0jpQ=
=xQNn
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update
Next by Date: [SECURITY] [DLA 3047-1] avahi security update
Previous by thread: [SECURITY] [DLA 3045-1] php-horde-mime-viewer security update
Next by thread: [SECURITY] [DLA 3047-1] avahi security update
Index(es):
- Date
- Thread