-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2934-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 07, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : freecad Version : 0.16+dfsg2-3+deb9u1 CVE ID : CVE-2021-45844 Debian Bug : 1005747 A command injection vulnerability was found in FreeCAD, a parametric 3D modeler, when importing DWF files with crafted filenames. For Debian 9 stretch, this problem has been fixed in version 0.16+dfsg2-3+deb9u1. We recommend that you upgrade your freecad packages. For the detailed security status of freecad please refer to its security tracker page at: https://security-tracker.debian.org/tracker/freecad Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmIl9kQACgkQnUbEiOQ2 gwL+GA//Z/CdsLC0ogXZ7ZSsTxUzQH/vm/YTPEn7rEvckofRiZSlwa4rrSpEGWpm axJcV7J0VG/Rj0cn7yv/HxDfCGyzhjx8OWrydJ3UQDSTs6KIBTlAYkPoGxMWHGVb 7WJT5WGW86uNZejsM2hTe/HRewJ/PbsdY2J0ZJoa5CZl+3DZ11JWxagUz2Ctx1md FZSlsM1H8f5X65WuRx5/AeKxpt585H7FXEd/g30WgufsHw9T1zfNFQYEQ3s7jID2 A2HMDKPT4aWokffI1B+VYt2KSScS0vlPz7PIVK7xGwbq0US7hqgVv6T9u0zfuWIr qw6vjl4oEyOM0R228Qpnedw95Lm9Cbk8fOW7bioVaYLZZ1oFp+d5u8LkDYHaflLt se4RvjE5nn7zibP7ue/Z31XO/SRv/teVJv14z23GowTA05qhAwaeDTsHYxGg4tIR YCt2v35BgIVFH0tNKyChexVcCPX1mHmUwPyz7MdkDVXV7dq/m1Yt6j+QqboJ51P1 Epk8+fuzoCgHgNaqwdDKQE5UX/6zAtfNCmAR3nruwo+8JkuTQTNCalLJ7Dx/O/Er jzoZZjC20Kn3NucgRwrArTTQ8x3kjGkA/9RqwiP3/mv2GEWvdbsmZPqE+Nky6FJ8 33/qd+L9Ks/rDmrD4MQCtPcrkVVyBG6Eg0Jc8hTATr8Qxo45RMM= =Psfq -----END PGP SIGNATURE-----
