Summary: | <media-libs/assimp-5.2.2: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | proxy-maint, waebbl-gentoo |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/24485 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 829957, 835089 | ||
Bug Blocks: |
Description
Sam James
2022-01-01 02:21:34 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2e40531368c0cf5ae2d8326fdab7e5a5e67db438 commit 2e40531368c0cf5ae2d8326fdab7e5a5e67db438 Author: Bernd Waibel <waebbl-gentoo@posteo.net> AuthorDate: 2022-03-11 11:55:51 +0000 Commit: Matthew Smith <matthew@gentoo.org> CommitDate: 2022-03-12 17:30:30 +0000 media-libs/assimp: bump to 5.2.2 Removes the doc USE flag, because the documentation is no longer available as a pdf on the release page and building it is currently broken. Bug: https://github.com/assimp/assimp/issues/4439 Bug: https://github.com/assimp/assimp/issues/4438 Bug: https://github.com/assimp/assimp/issues/4334 Bug: https://bugs.gentoo.org/830374 Closes: https://bugs.gentoo.org/829957 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: Bernd Waibel <waebbl-gentoo@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/24485 Signed-off-by: Matthew Smith <matthew@gentoo.org> media-libs/assimp/Manifest | 1 + media-libs/assimp/assimp-5.2.2.ebuild | 59 ++++++++++++++++++++++ .../files/assimp-5.2.2-disable-failing-tests.patch | 52 +++++++++++++++++++ ...ge-of-incompatible-minizip-data-structure.patch | 24 +++++++++ media-libs/assimp/metadata.xml | 9 +++- 5 files changed, 144 insertions(+), 1 deletion(-) Thanks, please stable 5.2.2 The package has already been cleaned. Unfortunately I've overseen to add a reference for this bug. https://github.com/gentoo/gentoo/pull/26058 Thanks! GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=58a9fe7b7a6a60d04a5e5c6cebc8aaaa055cf78d commit 58a9fe7b7a6a60d04a5e5c6cebc8aaaa055cf78d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-10-16 14:26:28 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-10-16 14:39:35 +0000 [ GLSA 202210-01 ] Open Asset Import Library ("assimp"): Multiple Vulnerabilities Bug: https://bugs.gentoo.org/830374 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202210-01.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |