Branch sisyphus_e2k update bulletin.

Package librecad updated to version 2.2.0.2-alt1 for branch sisyphus_e2k.

Published: 2022-01-25
Modified: 2024-11-21

CVE-2021-45343

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2023-06-28
Modified: 2024-11-21

CVE-2023-30259

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

References:

Package plasma5-addons updated to version 5.27.11-alt2 for branch sisyphus_e2k.

Некорректное масштабирование виджета "Выбор цвета" в "Группирующий виджет"

Package epmgpi updated to version 1.3-alt1 for branch sisyphus_e2k.

Некорректное поведение программы

Package vim updated to version 9.1.0050-alt3 for branch sisyphus_e2k.

vim-common and vim-minimal conflict on merged-usr

Package python3-module-Pillow updated to version 10.3.0-alt1 for branch sisyphus_e2k.

Published: 2024-04-03
Modified: 2025-11-04

CVE-2024-28219

In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Version: 2.1.2

Branch sisyphus_e2k update on 2024-04-17

ALT-BU-2024-6788-1

ALT-PU-2024-6782-1

Closed vulnerabilities

CVE-2021-45343

CVE-2023-30259

ALT-PU-2024-6784-1

Closed bugs

Bug #43967

ALT-PU-2024-6785-1

Closed bugs

Bug #49986

ALT-PU-2024-6786-1

Closed bugs

Bug #49541

ALT-PU-2024-6787-1

Closed vulnerabilities

CVE-2024-28219