Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/assimp: security bump to version 5.4.3

Fixes the following security vulnerability:

CVE-2024-40724: Heap-based buffer overflow vulnerability in Assimp versions
prior to 5.4.2 allows a local attacker to execute arbitrary code by
inputting a specially crafted file into the product.

https://github.com/assimp/assimp/pull/5651

Fixes:
https://nvd.nist.gov/vuln/detail/cve-2024-40724

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to cve]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 30da391756dfba96f078a6e04707c6e8a63a4162)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 5 months ago
parent
809778f47b
commit
7c4e482b15
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      package/assimp/assimp.hash
  2. 1 1
      package/assimp/assimp.mk

+ 1 - 1
package/assimp/assimp.hash
View File 

@@ -1,3 +1,3 @@
 
 # Locally calculated
 
-sha256  a07666be71afe1ad4bc008c2336b7c688aca391271188eb9108d0c6db1be53f1  assimp-5.3.1.tar.gz
 
+sha256  66dfbaee288f2bc43172440a55d0235dfc7bf885dda6435c038e8000e79582cb  assimp-5.4.3.tar.gz
 
 sha256  147874443d242b4e2bae97036e26ec9d6b37f706174c1bd5ecfcc8c1294cef51  LICENSE

+ 1 - 1
package/assimp/assimp.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-ASSIMP_VERSION = 5.3.1
 
+ASSIMP_VERSION = 5.4.3
 
 ASSIMP_SITE = $(call github,assimp,assimp,v$(ASSIMP_VERSION))
 
 ASSIMP_LICENSE = BSD-3-Clause
 
 ASSIMP_LICENSE_FILES = LICENSE