[SECURITY] [DSA 5229-1] freecad security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5229-1] freecad security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 13 Sep 2022 21:01:07 +0000
Message-id: <[🔎] 20220913210107.GA23060@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5229-1                   security@debian.org
https://www.debian.org/security/                                  Aron Xu
September 13, 2022                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : freecad
CVE ID         : CVE-2021-45844 CVE-2021-45845

Two vulnerabilities were discovered in FreeCAD, a CAD/CAM program,
which could result in the execution of arbitrary shell commands when
opening a malformed file.

For the stable distribution (bullseye), these problems have been fixed in
version 0.19.1+dfsg1-2+deb11u1.

We recommend that you upgrade your freecad packages.

For the detailed security status of freecad please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/freecad

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmMg738ACgkQEMKTtsN8
TjaLkQ/9EOca7GwrUzgvNojeoO6BV9LDp1SXC7xgcINEicV/uJLTYv2qrqw4HHUC
jJHHrD5UvyLWXLxl408q6VMTH/KtoN07HdsG9zOkE4kL6IWbRxRKyILPGtljvNDF
+Xg+NZy8Uodv7f+mrS4eTaneiG2ATtINC0CiANvr8yBxhARtYCbnsNppb4UdEO1p
jvgtlq93RNAWzO6Kyc7wPwdIYTtmuEa3WRs9TmDUTcafbBccgFxpbu2PVRVIfJ6+
HreOTPoBxfm9+MBjlq0QD5G7ZhuHw8LBlW7eKS7JRTOIkkXs/0jAFr/hcyVoJ+AD
f4NKIOWVTDkUYTj80+yELglor7WuujksJOk2bEdecQ5OLTUz46f6dRNXWCB4T3dM
f2TW1HMFN2b2r/QDc6U0vO/22HmAJ+trB2ms483eIZhaB92rV8xzGX1j9z3TCURT
Zq5STtmIg74YEvyW7EGcIbWESzob7C7YNcpWPYP00tiT+gNP4DtmTg3XGS9LOudW
CxUAXh1PqcVdZ9L+HVRmrqwmjWEjJTJeG881WFZ/P1iWpX9nTqssZtOmb61xNnHv
NjvBbwp0fi7iT8cNmRthiLGJjyVWRHLMCoOdwnfU+vBEkpwa69LUfZeJVK3leL+h
ZY0kARa50z7GjZoYWqIJcgLEz3r0vAPyu6u1CkfqdtFo7JGzVDg=
=gdGI
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5228-1] gdk-pixbuf security update
Next by Date: [SECURITY] [DSA 5230-1] chromium security update
Previous by thread: [SECURITY] [DSA 5228-1] gdk-pixbuf security update
Next by thread: [SECURITY] [DSA 5230-1] chromium security update
Index(es):
- Date
- Thread