Package Release Info

libredwg-0.9.3-bp151.2.3.1

Update Info: openSUSE-2020-95
Available in Package Hub : 15 SP1 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libredwg-devel
libredwg-tools
libredwg0

Change Logs

* Sun Dec 29 2019 Jan Engelhardt <jengelh@inai.de>
- Update to release 0.9.3
  * Added the -x,--extnames option to dwglayers for r13-r14 DWGs.
  * Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle
    for r13.
  * Add DICTIONARY.itemhandles[] for r13 and r14.
  * Fixed some dwglayers null pointer derefs, and flush its output
    for each layer.
  * Added several overflow checks from fuzzing
    [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826],
    [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828],
    [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]
  * Disallow illegal SPLINE scenarios
    [CVE-2019-20009, boo#1159824]
* Wed Oct 30 2019 Jan Engelhardt <jengelh@inai.de>
- Update to release 0.9.1
  * Fixed more null pointer dereferences, overflows, hangs and
    memory leaks for fuzzed (i.e. illegal) DWGs.
- Update to release 0.9 [boo#1154080]
  * Added the DXF importer, using the new dynapi and the r2000
    encoder. Only for r2000 DXFs.
  * Added utf8text conversion functions to the dynapi.
  * Added 3DSOLID encoder.
  * Added APIs to find handles for names, searching in tables
    and dicts.
  * API breaking changes - see NEWS file in package.
  * Fixed null pointer dereferences, and memory leaks (except DXF
    importer)
    [boo#1129868, CVE-2019-9779]
    [boo#1129869, CVE-2019-9778]
    [boo#1129870, CVE-2019-9777]
    [boo#1129873, CVE-2019-9776]
    [boo#1129874, CVE-2019-9773]
    [boo#1129875, CVE-2019-9772]
    [boo#1129876, CVE-2019-9771]
    [boo#1129878, CVE-2019-9775]
    [boo#1129879, CVE-2019-9774]
    [boo#1129881, CVE-2019-9770]
* Thu Aug 01 2019 Andreas Stieger <andreas.stieger@gmx.de>
- update to 0.8:
  * add a new dynamic API, read and write all header and object
    fields by name
  * API breaking changes
  * Fix many errors in DXF output
  * Fix JSON output
  * Many more bug fixes to handle specific object types
Version: 0.10-bp151.2.6.1
* Thu Jan 09 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 0.10
  * API breaking changes:
  * Added a new int *isnewp argument to all dynapi utf8text
    getters, if the returned string is freshly malloced or not.
  * removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and
    UNKNOWN_ENT left, with common_entity_data.
  * renamed BLOCK_HEADER.preview_data to preview,
    preview_data_size to preview_size.
  * renamed SHAPE.shape_no to style_id.
  * renamed CLASS.wasazombie to is_zombie.
  * Bugfixes:
  * Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
  * Fixed encoding of added r2000 AUXHEADER address.
  * Fixed EED encoding from dwgrewrite.
  * Add several checks against
    [CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522],
    [CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524],
    [CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526],
    [CVE-2020-6615, boo#1160527]
Version: 0.11.1-bp152.2.3.1
* Tue Nov 17 2020 Jan Engelhardt <jengelh@inai.de>
- Update to release 0.11.1
  * Fixed decode of Unicode string streams.
  * Fixed UCS-2 to UTF-8 conversion for the chars 128-255.
  * Moved PSPACE entities from BLOCKS to ENTITIES
  * Fixed \r\n quoting in DXF texts
  * Generalize and fix DXF text splitup into 255 chunks and
    quoting, add basic shift-jis quoting support for Katagana and
    Hiragana letters (Japanese \M+1xxxx => Unicode \U+XXXX)
  * Added indxf dwg_has_subclass check to avoid buffer overflows
    when writing to wrong subclasses.
  * Improved SAB 2 to SAT 1 conversion: Split overlarge blocks
    into block_size of max 4096. Add "^ " quoting rule.
  * Fixed decode of empty classes section, esp. for r13c3 and
    r14.
  * Keep IDBUFFER for old DXFs (r13-r14)
  * Fixed SummaryInfo types from T to TU16, relevant for DXF
    headers too.
  * Add missing UTF-8 conversion in geojson for TEXT, MTEXT,
    GEOPOSITIONMARKER.
* Wed Aug 12 2020 Andreas Stieger <andreas.stieger@gmx.de>
- update to 0.11:
  * new programs dwgfilter, dxfwrite
  * improved file support for r2004+ (incomplete)
  * Add support for GeoJSON RFC794a godsend for the json importer)
  * API extensions and breaking changes
* Sun Apr 12 2020 Andreas Stieger <andreas.stieger@gmx.de>
- update to 0.10.1:
  * Fixed dwg2SVG htmlescape overflows and off-by-ones
  * Removed direct usages of fprintf and stderr in the lib
  * Fuzzing fixes for dwg2SVG, dwgread
  * Fixed eed.raw leaks
Version: 0.7-bp151.1.1
* Mon Dec 10 2018 astieger@suse.com
- update to 0.7:
  * add API to retrieve all objects in a DWG
  * various API breaking changes
  * Various fixes for memory leaks and double free and other issues
* Sat Nov 10 2018 astieger@suse.com
- update to 0.6.2:
  * Improved handling of DWG files found in the wild
* Tue Aug 14 2018 astieger@suse.com
- update to 0.6:
  * API breaking changes:
    + Removed dwg_obj_proxy_get_reactors(), use dwg_obj_get_reactors() instead.
    + Renamed SORTENTSTABLE.owner_handle to SORTENTSTABLE.owner_dict.
    + Renamed all -as-rNNNN program options to --as-rNNNN.
  * a number of bug fixes, correctness fixes and memory leak fixes
  * Add support for more DWG objects
  * Add pkg-config file
- drop patches (upstream): CVE-2018-14524.patch, CVE-2018-14471.patch
* Thu Aug 09 2018 astieger@suse.com
- CVE-2018-14524: double free (boo#1102702)
  add CVE-2018-14524.patch
- CVE-2018-14471: NULL pointer dereference DoS (boo#1102696)
  add CVE-2018-14471.patch
* Sat Jul 14 2018 jengelh@inai.de
- Trim redundant wording and future aims.
* Tue Jul 10 2018 astieger@suse.com
- initial version (0.5)
Version: 0.12.5-bp153.2.3.1
* Sun Feb 13 2022 Jan Engelhardt <jengelh@inai.de>
- Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]
  * Restricted accepted DXF objects to all stable and unstable
    classes, minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e.
    most unstable objects do not allow unknown DXF codes anymore.
    This fixed most oss-fuzz errors.