openSUSE-SU-2020:0115-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0115-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0115-1
- Related
- Published
- 2020-01-28T09:13:25Z
- Modified
- 2020-01-28T09:13:25Z
- Summary
- Security update for libredwg
- Details
-
This update for libredwg fixes the following issues:
libredwg was updated to release 0.10:
API breaking changes:
- Added a new int *isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not.
- removed the UNKNOWN supertype, there are only UNKNOWNOBJ and UNKNOWNENT left, with commonentitydata.
- renamed BLOCKHEADER.previewdata to preview, previewdatasize to preview_size.
- renamed SHAPE.shapeno to styleid.
- renamed CLASS.wasazombie to is_zombie.
Bugfixes:
- Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
- Fixed encoding of added r2000 AUXHEADER address.
- Fixed EED encoding from dwgrewrite.
- Add several checks against [CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522], [CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524], [CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526], [CVE-2020-6615, boo#1160527] This update was imported from the openSUSE:Leap:15.1:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SKWWX7O3I3HH2EQGINCPXBXDFW2KZXDJ/
- https://bugzilla.suse.com/1160520
- https://bugzilla.suse.com/1160522
- https://bugzilla.suse.com/1160523
- https://bugzilla.suse.com/1160524
- https://bugzilla.suse.com/1160525
- https://bugzilla.suse.com/1160526
- https://bugzilla.suse.com/1160527
- https://www.suse.com/security/cve/CVE-2020-6609
- https://www.suse.com/security/cve/CVE-2020-6610
- https://www.suse.com/security/cve/CVE-2020-6611
- https://www.suse.com/security/cve/CVE-2020-6612
- https://www.suse.com/security/cve/CVE-2020-6613
- https://www.suse.com/security/cve/CVE-2020-6614
- https://www.suse.com/security/cve/CVE-2020-6615