Stay Secure with the Latest Linux Advisories

security advisoryfedorabuffer overflow

Fedora 36: 2022-635599924b Critical: Libdxflib Buffer Overflow

Update to 3.26.4, with bug fixes and a security fix for CVE-2021-21897. Package class documentation and examples. The following probably-relevant entries are drawn from the [QCAD Changelog](https://www.qcad.org/en/documentation/changelog): ### 3.22.1 (2019/05/22) **Fixes** - [FS#1866 - DXF: EXTMIN/EXTMAX. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-635599924b 2022-05-07 04:08:14.310226 --------------------------------------------------------------------------------Name : libdxflib Product : Fedora 36 Version : 3.26.4 Release : 2.fc36 URL : https://www.ribbonsoft.com/en/90-dxflib Summary : A C++ library for reading and writing DXF files Description : dxflib is a C++ library for reading and writing DXF files. --------------------------------------------------------------------------------Update Information: Update to 3.26.4, with bug fixes and a security fix for CVE-2021-21897. Package class documentation and examples. The following probably-relevant entries are drawn from the [QCAD Changelog](https://www.qcad.org/en/documentation/changelog): ### 3.22.1 (2019/05/22) **Fixes** - [FS#1866 - DXF: EXTMIN/EXTMAX interchanged]() ### 3.21.1 (2018/06/29) **Fixes** - [FS#1180 - dxflib cannot open files with international characters in path or file name]() ### 3.18.0 (2017/09/22) **Fixes** - [FS#1631 - dxflib: wrong definition of DL_POLYLINE3D flag]() ### 3.17.2 (2017/06/27) **Fixes** - [FS#1572 - Dimension font not set to "Standard" when importing through dxflib]() --------------------------------------------------------------------------------ChangeLog: * Fri Apr 1 2022 Benjamin A. Beasley 3.26.4-2 - Package documentation and examples * Fri Apr 1 2022 Benjamin A. Beasley 3.26.4-1 - Update to 3.26.4 (close RHBZ#1996851) * Fri Apr 1 2022 Benjamin A. Beasley 3.17.0-19 - Build with qmake from Qt6 instead of Qt4 * Fri Apr 1 2022 Benjamin A. Beasley 3.17.0-18 - General spec file cleanup --------------------------------------------------------------------------------References: [ 1 ] Bug #2080983 - CVE-2021-21897 libdxflib: heap-based buffer overflow in the DL_Dxf:handleLWPolylineData function https://bugzilla.redhat.com/show_bug.cgi?id=2080983 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-635599924b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Upgrade libdxflib to version 3.26.4 in Fedora to tackle a severe buffer overflow issue and integrate various essential bug resolutions.. libdxflib update, buffer overflow patch, Fedora security update, software update notification. . Severity: Critical. LinuxSecurity.com Team

May 07, 2022 •Critical Fedora