Fedora Update Notification
2022-02-12 01:14:11.929405

Name        : librecad
Product     : Fedora 34
Version     : 2.2.0
Release     : 0.13.rc3.fc34
URL         : https://librecad.org/
Summary     : Computer Assisted Design (CAD) Application
Description :
A graphical and comprehensive 2D CAD application.

Update Information:

Update librecad to 2.2.0 rc3. Apply fixes to libdxfrw and librecad for
CVE-2021-45341, CVE-2021-45342, CVE-2021-45343. This also resolves the issue
where some dwg files no longer opened.

* Tue Feb  1 2022 Tom Callaway  - 2.2.0-0.13.rc3
- update to rc3
- apply upstream fix for CVE-2021-45342, CVE-2021-45341
* Thu Jan 20 2022 Fedora Release Engineering  - 2.2.0-0.12.rc2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

  [ 1 ] Bug #2027148 - librecad-2.2.0-rc3 is available
  [ 2 ] Bug #2031379 - [regression] .dwg file no longer opens
  [ 3 ] Bug #2046248 - CVE-2021-45341 librecad: buffer overflow in CDataMoji of the jwwlib component allows remote code execution via a crafted JWW document [fedora-all]
  [ 4 ] Bug #2046252 - CVE-2021-45342 librecad: buffer overflow in CDataList of the jwwlib component allows remote code execution via a crafted JWW document [fedora-all]
  [ 5 ] Bug #2046256 - CVE-2021-45343 librecad: NULL pointer dereference in the HATCH handling of libdxfrw can lead to DoS via a crafted DXF document [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-08d7ee21f7' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure