SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libredwg-devel-0.12.5-bp155.1.1.x86_64.rpm :

* Sun Feb 13 2022 Jan Engelhardt - Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]
* Restricted accepted DXF objects to all stable and unstable classes, minus MATERIAL, ARC_DIMENSION, SUN, PROXY
*. I.e. most unstable objects do not allow unknown DXF codes anymore. This fixed most oss-fuzz errors.
* Tue Nov 17 2020 Jan Engelhardt - Update to release 0.11.1
* Fixed decode of Unicode string streams.
* Fixed UCS-2 to UTF-8 conversion for the chars 128-255.
* Moved PSPACE entities from BLOCKS to ENTITIES
* Fixed \\r\
quoting in DXF texts
* Generalize and fix DXF text splitup into 255 chunks and quoting, add basic shift-jis quoting support for Katagana and Hiragana letters (Japanese \\M+1xxxx => Unicode \\U+XXXX)
* Added indxf dwg_has_subclass check to avoid buffer overflows when writing to wrong subclasses.
* Improved SAB 2 to SAT 1 conversion: Split overlarge blocks into block_size of max 4096. Add \"^ \" quoting rule.
* Fixed decode of empty classes section, esp. for r13c3 and r14.
* Keep IDBUFFER for old DXFs (r13-r14)
* Fixed SummaryInfo types from T to TU16, relevant for DXF headers too.
* Add missing UTF-8 conversion in geojson for TEXT, MTEXT, GEOPOSITIONMARKER.
* Wed Aug 12 2020 Andreas Stieger - update to 0.11:
* new programs dwgfilter, dxfwrite
* improved file support for r2004+ (incomplete)
* Add support for GeoJSON RFC794a godsend for the json importer)
* API extensions and breaking changes
* Sun Apr 12 2020 Andreas Stieger - update to 0.10.1:
* Fixed dwg2SVG htmlescape overflows and off-by-ones
* Removed direct usages of fprintf and stderr in the lib
* Fuzzing fixes for dwg2SVG, dwgread
* Fixed eed.raw leaks
* Thu Jan 09 2020 Jan Engelhardt - Update to release 0.10
* API breaking changes:
* Added a new int
*isnewp argument to all dynapi utf8text getters, if the returned string is freshly malloced or not.
* removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and UNKNOWN_ENT left, with common_entity_data.
* renamed BLOCK_HEADER.preview_data to preview, preview_data_size to preview_size.
* renamed SHAPE.shape_no to style_id.
* renamed CLASS.wasazombie to is_zombie.
* Bugfixes:
* Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
* Fixed encoding of added r2000 AUXHEADER address.
* Fixed EED encoding from dwgrewrite.
* Add several checks against [CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522], [CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524], [CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526], [CVE-2020-6615, boo#1160527]
* Sun Dec 29 2019 Jan Engelhardt - Update to release 0.9.3
* Added the -x,--extnames option to dwglayers for r13-r14 DWGs.
* Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle for r13.
* Add DICTIONARY.itemhandles[] for r13 and r14.
* Fixed some dwglayers null pointer derefs, and flush its output for each layer.
* Added several overflow checks from fuzzing [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826], [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828], [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]
* Disallow illegal SPLINE scenarios [CVE-2019-20009, boo#1159824]
* Wed Oct 30 2019 Jan Engelhardt - Update to release 0.9.1
* Fixed more null pointer dereferences, overflows, hangs and memory leaks for fuzzed (i.e. illegal) DWGs.- Update to release 0.9 [boo#1154080]
* Added the DXF importer, using the new dynapi and the r2000 encoder. Only for r2000 DXFs.
* Added utf8text conversion functions to the dynapi.
* Added 3DSOLID encoder.
* Added APIs to find handles for names, searching in tables and dicts.
* API breaking changes - see NEWS file in package.
* Fixed null pointer dereferences, and memory leaks (except DXF importer) [boo#1129868, CVE-2019-9779] [boo#1129869, CVE-2019-9778] [boo#1129870, CVE-2019-9777] [boo#1129873, CVE-2019-9776] [boo#1129874, CVE-2019-9773] [boo#1129875, CVE-2019-9772] [boo#1129876, CVE-2019-9771] [boo#1129878, CVE-2019-9775] [boo#1129879, CVE-2019-9774] [boo#1129881, CVE-2019-9770]
* Thu Aug 01 2019 Andreas Stieger - update to 0.8:
* add a new dynamic API, read and write all header and object fields by name
* API breaking changes
* Fix many errors in DXF output
* Fix JSON output
* Many more bug fixes to handle specific object types
* Mon Dec 10 2018 astiegerAATTsuse.com- update to 0.7:
* add API to retrieve all objects in a DWG
* various API breaking changes
* Various fixes for memory leaks and double free and other issues
* Sat Nov 10 2018 astiegerAATTsuse.com- update to 0.6.2:
* Improved handling of DWG files found in the wild
* Tue Aug 14 2018 astiegerAATTsuse.com- update to 0.6:
* API breaking changes: + Removed dwg_obj_proxy_get_reactors(), use dwg_obj_get_reactors() instead. + Renamed SORTENTSTABLE.owner_handle to SORTENTSTABLE.owner_dict. + Renamed all -as-rNNNN program options to --as-rNNNN.
* a number of bug fixes, correctness fixes and memory leak fixes
* Add support for more DWG objects
* Add pkg-config file- drop patches (upstream): CVE-2018-14524.patch, CVE-2018-14471.patch
* Thu Aug 09 2018 astiegerAATTsuse.com- CVE-2018-14524: double free (boo#1102702) add CVE-2018-14524.patch- CVE-2018-14471: NULL pointer dereference DoS (boo#1102696) add CVE-2018-14471.patch
* Sat Jul 14 2018 jengelhAATTinai.de- Trim redundant wording and future aims.
* Tue Jul 10 2018 astiegerAATTsuse.com- initial version (0.5)
  
ICM