Jan Engelhardt
086d908522
libredwg 0.13.3 OBS-URL: https://build.opensuse.org/request/show/1154164 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libredwg?expand=0&rev=47
224 lines
8.8 KiB
Plaintext
224 lines
8.8 KiB
Plaintext
-------------------------------------------------------------------
|
|
Fri Mar 1 19:29:26 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 0.13.3:
|
|
* Promote SUN object to stable
|
|
* Improve BLOCKSTRETCHACTION
|
|
* Improveddxf import for OLE2FRAME.data
|
|
* Fix some fuzzing errors
|
|
* Improve wrong DWG_MAX_OBJSIZE, which prevented very large
|
|
3DSOLID's to encode, like STEERING.dwg from_autocad_r13
|
|
* Improved support for beta versions, no logic holes
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 11 11:42:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.13.2
|
|
* Added pre-R13 DWG decode support for all old DWG formats
|
|
* Added read support on bigendian platforms (no write)
|
|
* Full support for en-/decoding foreign codepages, also the MIF
|
|
\M=1-5xxxx format. (With and without iconv)
|
|
* Added WMF and PNG support to dwgbmp
|
|
* Added a third *int alloced arg to dwg_dynapi_handle_name()
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 2 13:28:11 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to tag 0.12.5.6924
|
|
* Addressed CVE-2023-26157 [boo#1218473]
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 21 09:42:33 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Set -D_GNU_SOURCE to work around strcasestr being undeclared
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 15 17:21:54 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to tag 0.12.5.5907
|
|
* Addressed CVE-2022-33025 [boo#1200898],
|
|
CVE-2023-36271 [boo#1212709], CVE-2023-36272 [boo#1212707],
|
|
CVE-2023-36273 [boo#1212706], CVE-2023-36274 [boo#1212705]
|
|
- Delete 0001-bits-change-bit_copy_chain.patch,
|
|
0001-fix-obj_flush_hdlstream-GH-497.patch (merged)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 19 15:13:22 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Add 0001-bits-change-bit_copy_chain.patch,
|
|
0001-fix-obj_flush_hdlstream-GH-497.patch
|
|
[CVE-2022-35164] [boo#1202553]
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 13 23:43:55 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]
|
|
* Restricted accepted DXF objects to all stable and unstable
|
|
classes, minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e.
|
|
most unstable objects do not allow unknown DXF codes anymore.
|
|
This fixed most oss-fuzz errors.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 17 00:00:50 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.11.1
|
|
* Fixed decode of Unicode string streams.
|
|
* Fixed UCS-2 to UTF-8 conversion for the chars 128-255.
|
|
* Moved PSPACE entities from BLOCKS to ENTITIES
|
|
* Fixed \r\n quoting in DXF texts
|
|
* Generalize and fix DXF text splitup into 255 chunks and
|
|
quoting, add basic shift-jis quoting support for Katagana and
|
|
Hiragana letters (Japanese \M+1xxxx => Unicode \U+XXXX)
|
|
* Added indxf dwg_has_subclass check to avoid buffer overflows
|
|
when writing to wrong subclasses.
|
|
* Improved SAB 2 to SAT 1 conversion: Split overlarge blocks
|
|
into block_size of max 4096. Add "^ " quoting rule.
|
|
* Fixed decode of empty classes section, esp. for r13c3 and
|
|
r14.
|
|
* Keep IDBUFFER for old DXFs (r13-r14)
|
|
* Fixed SummaryInfo types from T to TU16, relevant for DXF
|
|
headers too.
|
|
* Add missing UTF-8 conversion in geojson for TEXT, MTEXT,
|
|
GEOPOSITIONMARKER.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 12 20:59:49 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 0.11:
|
|
* new programs dwgfilter, dxfwrite
|
|
* improved file support for r2004+ (incomplete)
|
|
* Add support for GeoJSON RFC794a godsend for the json importer)
|
|
* API extensions and breaking changes
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Apr 12 07:26:25 UTC 2020 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 0.10.1:
|
|
* Fixed dwg2SVG htmlescape overflows and off-by-ones
|
|
* Removed direct usages of fprintf and stderr in the lib
|
|
* Fuzzing fixes for dwg2SVG, dwgread
|
|
* Fixed eed.raw leaks
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 9 13:22:34 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.10
|
|
* API breaking changes:
|
|
* Added a new int *isnewp argument to all dynapi utf8text
|
|
getters, if the returned string is freshly malloced or not.
|
|
* removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and
|
|
UNKNOWN_ENT left, with common_entity_data.
|
|
* renamed BLOCK_HEADER.preview_data to preview,
|
|
preview_data_size to preview_size.
|
|
* renamed SHAPE.shape_no to style_id.
|
|
* renamed CLASS.wasazombie to is_zombie.
|
|
* Bugfixes:
|
|
* Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c.
|
|
* Fixed encoding of added r2000 AUXHEADER address.
|
|
* Fixed EED encoding from dwgrewrite.
|
|
* Add several checks against
|
|
[CVE-2020-6609, boo#1160520], [CVE-2020-6610, boo#1160522],
|
|
[CVE-2020-6611, boo#1160523], [CVE-2020-6612, boo#1160524],
|
|
[CVE-2020-6613, boo#1160525], [CVE-2020-6614, boo#1160526],
|
|
[CVE-2020-6615, boo#1160527]
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Dec 29 20:45:54 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.9.3
|
|
* Added the -x,--extnames option to dwglayers for r13-r14 DWGs.
|
|
* Fixed some leaks: SORTENTSTABLE, PROXY_ENTITY.ownerhandle
|
|
for r13.
|
|
* Add DICTIONARY.itemhandles[] for r13 and r14.
|
|
* Fixed some dwglayers null pointer derefs, and flush its output
|
|
for each layer.
|
|
* Added several overflow checks from fuzzing
|
|
[CVE-2019-20010, boo#1159825], [CVE-2019-20011, boo#1159826],
|
|
[CVE-2019-20012, boo#1159827], [CVE-2019-20013, boo#1159828],
|
|
[CVE-2019-20014, boo#1159831], [CVE-2019-20015, boo#1159832]
|
|
* Disallow illegal SPLINE scenarios
|
|
[CVE-2019-20009, boo#1159824]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 30 14:46:09 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
|
|
|
|
- Update to release 0.9.1
|
|
* Fixed more null pointer dereferences, overflows, hangs and
|
|
memory leaks for fuzzed (i.e. illegal) DWGs.
|
|
- Update to release 0.9 [boo#1154080]
|
|
* Added the DXF importer, using the new dynapi and the r2000
|
|
encoder. Only for r2000 DXFs.
|
|
* Added utf8text conversion functions to the dynapi.
|
|
* Added 3DSOLID encoder.
|
|
* Added APIs to find handles for names, searching in tables
|
|
and dicts.
|
|
* API breaking changes - see NEWS file in package.
|
|
* Fixed null pointer dereferences, and memory leaks (except DXF
|
|
importer)
|
|
[boo#1129868, CVE-2019-9779]
|
|
[boo#1129869, CVE-2019-9778]
|
|
[boo#1129870, CVE-2019-9777]
|
|
[boo#1129873, CVE-2019-9776]
|
|
[boo#1129874, CVE-2019-9773]
|
|
[boo#1129875, CVE-2019-9772]
|
|
[boo#1129876, CVE-2019-9771]
|
|
[boo#1129878, CVE-2019-9775]
|
|
[boo#1129879, CVE-2019-9774]
|
|
[boo#1129881, CVE-2019-9770]
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 1 11:00:01 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
|
|
|
|
- update to 0.8:
|
|
* add a new dynamic API, read and write all header and object
|
|
fields by name
|
|
* API breaking changes
|
|
* Fix many errors in DXF output
|
|
* Fix JSON output
|
|
* Many more bug fixes to handle specific object types
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 10 09:49:22 UTC 2018 - astieger@suse.com
|
|
|
|
- update to 0.7:
|
|
* add API to retrieve all objects in a DWG
|
|
* various API breaking changes
|
|
* Various fixes for memory leaks and double free and other issues
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Nov 10 12:26:48 UTC 2018 - astieger@suse.com
|
|
|
|
- update to 0.6.2:
|
|
* Improved handling of DWG files found in the wild
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 14 07:18:39 UTC 2018 - astieger@suse.com
|
|
|
|
- update to 0.6:
|
|
* API breaking changes:
|
|
+ Removed dwg_obj_proxy_get_reactors(), use dwg_obj_get_reactors() instead.
|
|
+ Renamed SORTENTSTABLE.owner_handle to SORTENTSTABLE.owner_dict.
|
|
+ Renamed all -as-rNNNN program options to --as-rNNNN.
|
|
* a number of bug fixes, correctness fixes and memory leak fixes
|
|
* Add support for more DWG objects
|
|
* Add pkg-config file
|
|
- drop patches (upstream): CVE-2018-14524.patch, CVE-2018-14471.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 9 09:34:20 UTC 2018 - astieger@suse.com
|
|
|
|
- CVE-2018-14524: double free (boo#1102702)
|
|
add CVE-2018-14524.patch
|
|
- CVE-2018-14471: NULL pointer dereference DoS (boo#1102696)
|
|
add CVE-2018-14471.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 14 10:00:58 UTC 2018 - jengelh@inai.de
|
|
|
|
- Trim redundant wording and future aims.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 10 09:46:52 UTC 2018 - astieger@suse.com
|
|
|
|
- initial version (0.5)
|