Описание
Security update for assimp
This update for assimp fixes the following issues:
- CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class (boo#1228142),
Список пакетов
SUSE Package Hub 15 SP5
assimp-devel-5.3.1-bp156.3.3.1
libassimp5-5.3.1-bp156.3.3.1
SUSE Package Hub 15 SP6
assimp-devel-5.3.1-bp156.3.3.1
libassimp5-5.3.1-bp156.3.3.1
openSUSE Leap 15.5
assimp-devel-5.3.1-bp156.3.3.1
libassimp5-5.3.1-bp156.3.3.1
openSUSE Leap 15.6
assimp-devel-5.3.1-bp156.3.3.1
libassimp5-5.3.1-bp156.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0225-1
- SUSE Security Ratings
- SUSE Bug 1218474
- SUSE Bug 1228142
- SUSE CVE CVE-2024-40724 page
Описание
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product.
Затронутые продукты
SUSE Package Hub 15 SP5:assimp-devel-5.3.1-bp156.3.3.1
SUSE Package Hub 15 SP5:libassimp5-5.3.1-bp156.3.3.1
SUSE Package Hub 15 SP6:assimp-devel-5.3.1-bp156.3.3.1
SUSE Package Hub 15 SP6:libassimp5-5.3.1-bp156.3.3.1
Ссылки
- CVE-2024-40724
- SUSE Bug 1228142