Описание
Security update for libqt5-qtquick3d
This update for libqt5-qtquick3d fixes the following issues:
- CVE-2024-40724: Fixed a heap-based buffer overflow in the PLY importer class (bsc#1228199)
- Fixed progressive anti-aliasing, which doesn't work if any object in the scene used a PrincipledMaterial
- Fixed a crash when a custom material/effect shader variable changes
- Skipped processing unknown uniforms, as those that are vendor specific
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP6
libQt5Quick3D5-5.15.12+kde1-150600.3.3.1
libQt5Quick3DAssetImport5-5.15.12+kde1-150600.3.3.1
openSUSE Leap 15.6
libQt5Quick3D5-5.15.12+kde1-150600.3.3.1
libQt5Quick3DAssetImport5-5.15.12+kde1-150600.3.3.1
libqt5-qtquick3d-devel-5.15.12+kde1-150600.3.3.1
libqt5-qtquick3d-examples-5.15.12+kde1-150600.3.3.1
libqt5-qtquick3d-imports-5.15.12+kde1-150600.3.3.1
libqt5-qtquick3d-private-headers-devel-5.15.12+kde1-150600.3.3.1
libqt5-qtquick3d-tools-5.15.12+kde1-150600.3.3.1
Ссылки
- Link for SUSE-SU-2024:2985-1
- E-Mail link for SUSE-SU-2024:2985-1
- SUSE Security Ratings
- SUSE Bug 1228199
- SUSE CVE CVE-2024-40724 page
Описание
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:libQt5Quick3D5-5.15.12+kde1-150600.3.3.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:libQt5Quick3DAssetImport5-5.15.12+kde1-150600.3.3.1
openSUSE Leap 15.6:libQt5Quick3D5-5.15.12+kde1-150600.3.3.1
openSUSE Leap 15.6:libQt5Quick3DAssetImport5-5.15.12+kde1-150600.3.3.1
Ссылки
- CVE-2024-40724
- SUSE Bug 1228142