PT-2026-57481 · Opensuse · Libredwg
CVE-2026-15181
·
Published
2026-07-10
·
Updated
2026-07-13
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
This update for libredwg fixes the following issues:
Changes in libredwg:
- Update to snapshot 0.14.8413
- fix dwg next entity NULL pointer dereference [CVE-2026-15184, boo#1271170]
- Fix dwg bmp thumbnail overflow checks [CVE-2026-15181, boo#1271169]
- Resolve NULL pointer dereference (SEGV) in match BLOCK HEADER [CVE-2026-9529, boo#1266380]
- Added DXB (binary DXF) support: dwgwrite/dwgread/dwg2dxf accept DXB input/output, and dxfwrite accepts DXB.
- Minor features:
- R2007+ split string stream encoding for Header, Classes, and objects.
- Added cycle checks in entity link chains.
- Added release helpers and improved CI (ODAFileConverter QT6, xvfb-run).
- dwgfuzz: show mode with --version.
- update to 0.14:
- Write support for r2004 (AC1018) DWG files. The encoder now produces compressed, encrypted section headers and the LZ77-compressed object data layout required since r2004.
- Split large object files (encode, decode) into 2 objects, significantly reducing peak memory usage during compilation and enabling parallel builds to scale better.
- dwgadd: handle fields (e.g. layer, ltype, style) can now be
set by table-record name in addition to raw handle references.
A string value like
line.layer = "FOO"is resolved via dwg find tablehandle() at parse time. - Added DXB (binary DXF) support: dwgwrite/dwgread/dwg2dxf accept DXB input/output, and dxfwrite accepts DXB.
- R2007+ split string stream encoding for Header, Classes, and objects.
- Added cycle checks in entity link chains. GH #1226.
- Added regression tests for decompress r2007 OOB reads and R2004 section decompression. Added dwgfilter.test.
- Added release helpers and improved CI (ODAFileConverter QT6, xvfb-run).
- dwgfuzz: show mode with --version.
- API/ABI changes (source-incompatible):
- Renamed HEADER/2NDHEADER.is maint to maint rel version.
- Renamed PROXY OBJECT.dwg versions.
- Bumped SO VERSION to 0:14:0.
- Update to snapshot 0.13.4.8200
- Write support for r2004 (AC1018) DWG files. The encoder now produces compressed, encrypted section headers and the LZ77-compressed object data layout required since r2004.
- Split large object files (encode, decode) into 2 objects, significantly reducing peak memory usage during compilation and enabling parallel builds to scale better.
- dwgadd: handle fields (e.g. layer, ltype, style) can now be set
by table-record name in addition to raw handle references. A
string value like
line.layer = "FOO"is resolved via dwg find tablehandle() at parse time. - Fix decompress R2004 section buffer overflow [CVE-2026-9501, CVE-2026-9502, CVE-2026-9529, CVE-2026-9530, boo#1266377, boo#1266378, boo#1266380, boo#1266287]
- Fix dwg next entity NULL pointer dereference [CVE-2026-9503, boo#1266379]
- Fix NULL pointer dereferences in DXF output for corrupted DWG input [CVE-2026-9504, boo#1266321]
- decode: fix decompression overflow [CVE-2026-9605, boo#1266365]
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Libredwg