Version 2.2.0.1 of LibreCAD has been released. This open-source, cross-platform program originally started as CADuntu, with the aim of adding CAM functionality to the community edition of QCad. Shortly after its inception, the name was changed to LibreCAD. More information about the program is available in the wiki. The release notes for version 2.2.0.1 can be found below.
Bugfix release 2.2.0.1

This is a bugfix release for official stable release 2.2.0. It fixes a minor vulnerability (CVE-2023-30259) with a mature shapelib contained in our codebase. The vulnerability addresses only the plugin Importshp, which is used to import shape files (SHP/SHX/DBF).

Shape files are used in surveying and so do not affect most users. As this is probably not a widely used plugin, the fix was just to remove the plugin.

If you are a surveyor and need the shape file support, it is safe to stay with the 2.2.0 version, as long as you know the origin of the used shape files. The vulnerability is an out-of-bounds read, which means, if a malformed shape file is imported, the application can crash. With some effort an attacker possibly can create a shape file which can lead to unintended code execution and seize your computer. But this is a worst-case scenario, which I would rate as extremely low to occur.