Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 918609 (CVE-2023-30259) - media-gfx/librecad: multiple vulnerabilities
Summary: media-gfx/librecad: multiple vulnerabilities
Alias: CVE-2023-30259
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B3 [stable?]
Keywords: PullRequest
Depends on:
Reported: 2023-11-26 14:07 UTC by John Helmert III
Modified: 2024-07-11 10:16 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-26 14:07:29 UTC
CVE-2023-30259 (

A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.

Fix is in, but there's another vulnerability that the says is fixed:

"An undetected vulnerability, opening malformed LFF font files caused a crash"

Needs bump to
Comment 1 Larry the Git Cow gentoo-dev 2024-06-30 00:00:10 UTC
The bug has been referenced in the following commit(s):

commit d119747e183865a1ec18c1f851a422b489fb421a
Author:     Michael Mair-Keimberger <>
AuthorDate: 2024-06-29 10:32:23 +0000
Commit:     Conrad Kostecki <>
CommitDate: 2024-06-29 23:54:56 +0000

    media-gfx/librecad: add
    Signed-off-by: Michael Mair-Keimberger <>
    Signed-off-by: Conrad Kostecki <>

 media-gfx/librecad/Manifest                |  1 +
 media-gfx/librecad/librecad- | 85 ++++++++++++++++++++++++++++++
 2 files changed, 86 insertions(+)