openSUSE has issued an advisory on August 27: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GRHXRZKHWQMKKB7V55J2TDPZAKJSN2BF/
CVE: (none) => CVE-2024-40724Status comment: (none) => Fix: https://github.com/assimp/assimp/commit/ddb74c2bbdee1565dda667e85f0c82a0588c8053Source RPM: (none) => assimp-5.2.2-4.mga9.src.rpm
@ daviddavid, There is no registered maintainer for this package, but you are the de facto maintainer, so I assigned this issue to you. If you don't agree, then please assign to all packagers collectively or back to bugsquad.
CC: (none) => marja11URL: (none) => https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GRHXRZKHWQMKKB7V55J2TDPZAKJSN2BF/Assignee: bugsquad => geiger.david68210
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== assimp-5.2.2-4.1.mga9 libassimp-devel-5.2.2-4.1.mga9 libassimp5-5.2.2-4.1.mga9 lib64assimp-devel-5.2.2-4.1.mga9 lib64assimp5-5.2.2-4.1.mga9 From SRPMS: assimp-5.2.2-4.1.mga9.src.rpm
Assignee: geiger.david68210 => qa-bugs
Keywords: (none) => advisory
LC_ALL=C urpmi --auto --auto-update medium "QA Testing (64-bit)" is up-to-date medium "Core Release (distrib1)" is up-to-date medium "Core Updates (distrib3)" is up-to-date medium "Nonfree Release (distrib11)" is up-to-date medium "Nonfree Updates (distrib13)" is up-to-date medium "Tainted Release (distrib21)" is up-to-date medium "Tainted Updates (distrib23)" is up-to-date medium "Core 32bit Release (distrib31)" is up-to-date medium "Core 32bit Updates (distrib32)" is up-to-date medium "Nonfree 32bit Release (distrib36)" is up-to-date medium "Tainted 32bit Release (distrib41)" is up-to-date medium "Tainted 32bit Updates (distrib42)" is up-to-date installing assimp-5.2.2-4.1.mga9.x86_64.rpm lib64assimp5-5.2.2-4.1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ################################################################################################## 1/2: lib64assimp5 ################################################################################################## 2/2: assimp ################################################################################################## 1/2: removing assimp-5.2.2-4.mga9.x86_64 ################################################################################################## 2/2: removing lib64assimp5-5.2.2-4.mga9.x86_64 ################################################################################################## urpmq --whatrequires lib64assimp5|uniq assimp f3d lib64assimp-devel lib64assimp5 lib64qt5qt3d-devel pioneerspacesim qt3d5 qt3d6 qtquick3d5 qtquick3d6 Use pioneerspacesim to test strace pioneer shows openat(AT_FDCWD, "/lib64/libassimp.so.5", O_RDONLY|O_CLOEXEC) = 3 The game start whitoout issues
Whiteboard: (none) => MGA9-64-OKCC: (none) => andrewsfarmCVE: CVE-2024-40724 => (none)
CVE: (none) => CVE-2024-40724
Validating.
CC: (none) => sysadmin-bugsKeywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0300.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED