CVE-2021-45845 (https://tracker.freecad.org/view.php?id=4810): The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.

CVE-2021-45844 (https://tracker.freecad.org/view.php?id=4809): Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
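The second CVE is an instance of a common subprocess mistake: a user-controlled filename is interpolated into a single command string that is handed to a shell, so shell metacharacters in the name become shell syntax. The Gentoo fix below backports an upstream patch described as replacing Popen with run. The following is an added illustration of that defect class and its remediation, not FreeCAD's code or the upstream patch: the converter flags, the sample filename and the stand-in converter (the Python interpreter echoing its arguments) are all invented for the example so it runs offline.

```python
"""Illustration of the command-injection class behind CVE-2021-45844.

Hypothetical example, not FreeCAD's code: the converter flags, file names
and the stand-in converter are assumptions made for this demonstration.
"""
import re
import subprocess
import sys
from typing import List

# Constructed sample of the kind of name the advisory calls "crafted":
# if this string reaches a shell, the text after ';' is a second command.
CRAFTED_NAME = "model.dwg; echo injected"

# Stand-in for an external converter binary (assumption): the Python
# interpreter, printing each argument it receives on its own line.
CONVERTER_ARGV = [sys.executable, "-c",
                  "import sys; print('\\n'.join(sys.argv[1:]))"]


def vulnerable_command_line(filename: str) -> str:
    """Weak pattern: build one shell string (as with Popen(cmd, shell=True)).

    Returned rather than executed: the point is that the filename's
    metacharacters survive into the string the shell would parse.
    """
    return f"converter -in {filename} -out out.dxf"


def safe_argv(filename: str) -> List[str]:
    """Hardened pattern: pass an argument list and no shell, so the whole
    filename, metacharacters included, is exactly one argv entry."""
    return CONVERTER_ARGV + ["-in", filename, "-out", "out.dxf"]


def is_plausible_cad_filename(name: str) -> bool:
    """Defence in depth: accept only names shaped like a CAD file
    (alphanumerics, space, dot, dash, underscore; .dwg or .dxf suffix)."""
    return re.fullmatch(r"[A-Za-z0-9_][A-Za-z0-9_ .-]*\.(?:dwg|dxf)",
                        name, re.IGNORECASE) is not None


def run_converter(filename: str) -> List[str]:
    """Invoke the stand-in converter via subprocess.run without a shell and
    return the argument vector as the child process actually saw it."""
    result = subprocess.run(safe_argv(filename), capture_output=True,
                            text=True, check=True)
    return result.stdout.splitlines()


if __name__ == "__main__":
    print("shell string the weak pattern would produce:")
    print("  ", vulnerable_command_line(CRAFTED_NAME))
    print("argv seen by the child under the hardened pattern:")
    for arg in run_converter(CRAFTED_NAME):
        print("  ", repr(arg))
    print("filename passes shape check:", is_plausible_cad_filename(CRAFTED_NAME))
```

Running it shows the crafted name arriving at the child as a single argument (`'model.dwg; echo injected'`) under the list form, whereas the string form carries the `;` through to whatever shell would interpret it; the shape check rejects the name before any invocation at all.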
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a57d11c8caaa82831507a2074d19ec87cb62dbcb

commit a57d11c8caaa82831507a2074d19ec87cb62dbcb
Author:     Bernd Waibel <waebbl-gentoo@posteo.net>
AuthorDate: 2022-01-31 05:32:36 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-02-03 02:18:14 +0000

    media-gfx/freecad: backport vulnerability patches

    Bug: https://bugs.gentoo.org/832209
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/24043
    Signed-off-by: Sam James <sam@gentoo.org>

 ...-0004809-Security-vulnerability-in-DWG-im.patch |  59 ++++
 ...-Use-run-instead-of-Popen-to-avoid-need-f.patch |  25 ++
 media-gfx/freecad/freecad-0.19.2-r6.ebuild         | 326 +++++++++++++++++++++
 3 files changed, 410 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=688c609c7edf5ac40dbdc89ef419187544e4319f

commit 688c609c7edf5ac40dbdc89ef419187544e4319f
Author:     Bernd Waibel <waebbl-gentoo@posteo.net>
AuthorDate: 2022-02-03 05:15:21 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-02-03 15:51:13 +0000

    media-gfx/freecad: cleanup vulnerable versions

    Bug: https://bugs.gentoo.org/832209
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net>
    Closes: https://github.com/gentoo/gentoo/pull/24061
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 media-gfx/freecad/freecad-0.19.2-r5.ebuild | 324 -----------------------------
 1 file changed, 324 deletions(-)
Thanks, all done!