Bug 1154608
| Summary: | freecad: potential remote code execution when opening DXF files | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vasyl Kaigorodov <vkaigoro> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | hobbes1069, john, jrusnack |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-05-25 21:22:31 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1154609, 1154610 | ||
| Bug Blocks: | |||
|
Description
Vasyl Kaigorodov
2014-10-20 10:03:22 UTC
Created freecad tracking bugs for this issue: Affects: fedora-20 [bug 1154609] Affects: epel-6 [bug 1154610] This has been fixed upstream for release 0.15 but the fix is not easily ported to the current 0.14 release. Can we call this "fixed"? 0.15 has been updated for rawhide and f22. Due to a library conflict f20 and f21 cannot be updated to 0.15. freecad-0.15-4.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. |