Softpedia >Windows >Portable Software >Education >Portable LibreCAD >  Changelog

Portable LibreCAD Changelog

What's new in Portable LibreCAD 2.2.0.2

Jul 31, 2023
  • It fixes 3 minor issue:
  • An undetected vulnerability, opening malformed LFF font files caused a crash
  • Format issues in bundled fonts
  • A regression, finding nearest points on ellipses caused a crash

New in Portable LibreCAD 2.2.0.1 (Jul 13, 2023)

  • This is a bugfix release for official stable release 2.2.0.
  • It fixes a minor vulnerability (CVE-2023-30259) with a mature shapelib contained in our codebase.
  • The vulnerability addresses only the plugin Importshp, which is used to import shape files (SHP/SHX/DBF).
  • Shape files are used in surveying and so do not affect the most users.
  • As this is probably not a widely used plugin, the fix was just to remove the plugin.
  • If you are a surveyor and need the shape file support, it is safe to stay with 2.2.0 version, as long as you know the origin of the used shape files.
  • The vulnerability is an out-of-bounds read, what means, if a malformed shape file is imported, the application can crash.
  • With some efforts an attacker possibly can create a shape file, which can lead to unintended code execution and seize your computer.
  • But this is a worst case scenario, which I would rate as extremely low to occur.