http://bugzilla.opensuse.org/show_bug.cgi?id=1174236 Bug ID: 1174236 Summary: VUL-0: CVE-2019-20909,CVE-2019-20910,CVE-2019-20911,CVE-2019- 20912,CVE-2019-20913,CVE-2019-20914,CVE-2019-20915: libredwg: Multiple vulnerabilities fixed in 0.9.3 Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/263854/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: jengelh@inai.de Reporter: atoptsoglou@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2019-20909 An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_LWPOLYLINE in dwg.spec. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20909 https://github.com/LibreDWG/libredwg/commit/d7913b893bfa98fab27f05825dc4cab2... https://github.com/LibreDWG/libredwg/issues/178 CVE-2019-20910 An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decode_R13_R2000 in decode.c, a different vulnerability than CVE-2019-20011. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20910 https://github.com/LibreDWG/libredwg/commit/f878ba67b638f0d5050b6dba61b9737f... https://github.com/LibreDWG/libredwg/issues/178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20910 CVE-2019-20911 An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to denial of service in bit_calc_CRC in bits.c, related to a for loop. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20911 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20911 https://github.com/LibreDWG/libredwg/commit/c6f6668b82bfe595899cc820279ac37b... https://github.com/LibreDWG/libredwg/issues/178 CVE-2019-20912 An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20912 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20912 https://github.com/LibreDWG/libredwg/commit/b84c2cab55948a5ee70860779b264091... https://github.com/LibreDWG/libredwg/issues/178 CVE-2019-20913 An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in dwg_encode_entity in common_entity_data.spec. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20913 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20913 https://github.com/LibreDWG/libredwg/commit/3f503dd294efc63a59608d8a16058c41... https://github.com/LibreDWG/libredwg/issues/178 CVE-2019-20914 An issue was discovered in GNU LibreDWG through 0.9.3. There is a NULL pointer dereference in the function dwg_encode_common_entity_handle_data in common_entity_handle_data.spec. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20914 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20914 https://github.com/LibreDWG/libredwg/commit/3b837bb72d6b9ab4d563faa211f90efc... https://github.com/LibreDWG/libredwg/issues/178 CVE-2019-20915 An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bit_write_TF in bits.c. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20915 https://github.com/LibreDWG/libredwg/issues/178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20915 https://github.com/LibreDWG/libredwg/commit/95cc9300430d35feb05b06a9badf6784... -- You are receiving this mail because: You are on the CC list for the bug.