openSUSE Security Update : libredwg (openSUSE-2020-68)

critical Nessus Plugin ID 133130

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for libredwg fixes the following issues :

libredwg was updated to release 0.9.3 :

- Added the -x,--extnames option to dwglayers for r13-r14 DWGs.

- Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle for r13.

- Add DICTIONARY.itemhandles[] for r13 and r14.

- Fixed some dwglayers NULL pointer derefs, and flush its output for each layer.

- Added several overflow checks from fuzzing [CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826], [CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828], [CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]

- Disallow illegal SPLINE scenarios [CVE-2019-20009, boo#1159824]

Update to release 0.9.1 :

- Fixed more NULL pointer dereferences, overflows, hangs and memory leaks for fuzzed (i.e. illegal) DWGs.

Update to release 0.9 [boo#1154080] :

- Added the DXF importer, using the new dynapi and the r2000 encoder. Only for r2000 DXFs.

- Added utf8text conversion functions to the dynapi.

- Added 3DSOLID encoder.

- Added APIs to find handles for names, searching in tables and dicts.

- API breaking changes - see NEWS file in package.

- Fixed NULL pointer dereferences, and memory leaks (except DXF importer) [boo#1129868, CVE-2019-9779] [boo#1129869, CVE-2019-9778] [boo#1129870, CVE-2019-9777] [boo#1129873, CVE-2019-9776] [boo#1129874, CVE-2019-9773] [boo#1129875, CVE-2019-9772] [boo#1129876, CVE-2019-9771] [boo#1129878, CVE-2019-9775] [boo#1129879, CVE-2019-9774] [boo#1129881, CVE-2019-9770]

Update to 0.8 :

- add a new dynamic API, read and write all header and object fields by name

- API breaking changes

- Fix many errors in DXF output

- Fix JSON output

- Many more bug fixes to handle specific object types

Solution

Update the affected libredwg packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1129868

https://bugzilla.opensuse.org/show_bug.cgi?id=1129869

https://bugzilla.opensuse.org/show_bug.cgi?id=1129870

https://bugzilla.opensuse.org/show_bug.cgi?id=1129873

https://bugzilla.opensuse.org/show_bug.cgi?id=1129874

https://bugzilla.opensuse.org/show_bug.cgi?id=1129875

https://bugzilla.opensuse.org/show_bug.cgi?id=1129876

https://bugzilla.opensuse.org/show_bug.cgi?id=1129878

https://bugzilla.opensuse.org/show_bug.cgi?id=1129879

https://bugzilla.opensuse.org/show_bug.cgi?id=1129881

https://bugzilla.opensuse.org/show_bug.cgi?id=1154080

https://bugzilla.opensuse.org/show_bug.cgi?id=1159824

https://bugzilla.opensuse.org/show_bug.cgi?id=1159825

https://bugzilla.opensuse.org/show_bug.cgi?id=1159826

https://bugzilla.opensuse.org/show_bug.cgi?id=1159827

https://bugzilla.opensuse.org/show_bug.cgi?id=1159828

https://bugzilla.opensuse.org/show_bug.cgi?id=1159831

https://bugzilla.opensuse.org/show_bug.cgi?id=1159832

Plugin Details

Severity: Critical

ID: 133130

File Name: openSUSE-2020-68.nasl

Version: 1.4

Type: local

Agent: unix

Published: 1/21/2020

Updated: 3/29/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-20014

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2019-9775

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libredwg-debuginfo, p-cpe:/a:novell:opensuse:libredwg-debugsource, p-cpe:/a:novell:opensuse:libredwg-devel, p-cpe:/a:novell:opensuse:libredwg-tools, p-cpe:/a:novell:opensuse:libredwg-tools-debuginfo, p-cpe:/a:novell:opensuse:libredwg0, p-cpe:/a:novell:opensuse:libredwg0-debuginfo, cpe:/o:novell:opensuse:15.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/17/2020

Vulnerability Publication Date: 3/14/2019

Reference Information

CVE: CVE-2019-20009, CVE-2019-20010, CVE-2019-20011, CVE-2019-20012, CVE-2019-20013, CVE-2019-20014, CVE-2019-20015, CVE-2019-9770, CVE-2019-9771, CVE-2019-9772, CVE-2019-9773, CVE-2019-9774, CVE-2019-9775, CVE-2019-9776, CVE-2019-9777, CVE-2019-9778, CVE-2019-9779