Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package assimp for openSUSE:Factory checked in at 2026-05-10 16:47:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/assimp (Old)
 and      /work/SRC/openSUSE:Factory/.assimp.new.1966 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "assimp" Sun May 10 16:47:08 2026 rev:37 rq:1352019 version:6.0.5 Changes: -------- --- /work/SRC/openSUSE:Factory/assimp/assimp.changes 2026-05-04 21:17:07.667616925 +0200 +++ /work/SRC/openSUSE:Factory/.assimp.new.1966/assimp.changes 2026-05-10 16:47:26.966631042 +0200 @@ -1,0 +2,6 @@ +Fri May 8 11:52:49 UTC 2026 - Christophe Marin <[email protected]> + +- Add upstream change (CVE-2025-70067, boo#1263960) + * CVE-2025-70067.patch + +------------------------------------------------------------------- New: ---- CVE-2025-70067.patch ----------(New B)---------- New:- Add upstream change (CVE-2025-70067, boo#1263960) * CVE-2025-70067.patch ----------(New E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ assimp.spec ++++++ --- /var/tmp/diff_new_pack.rw0lp0/_old 2026-05-10 16:47:27.738662637 +0200 +++ /var/tmp/diff_new_pack.rw0lp0/_new 2026-05-10 16:47:27.738662637 +0200 @@ -26,6 +26,8 @@ Source0: %{name}-%{version}.tar.xz # PATCH-FIX-UPSTREAM -- don't reject 'find_package(assimp 5)' calls Patch0: 0001-Accept-find_package-Assimp-5.x-calls.patch +# PATCH-FIX-UPSTREAM -- CVE-2025-70067 +Patch1: CVE-2025-70067.patch BuildRequires: cmake >= 3.22 BuildRequires: gcc-c++ BuildRequires: pkgconfig ++++++ CVE-2025-70067.patch ++++++ >From 531f73597eb357e29b241c1803d7f7893e59d225 Mon Sep 17 00:00:00 2001 From: metsw24-max <[email protected]> Date: Thu, 7 May 2026 18:58:34 +0530 Subject: [PATCH] Prevent Heap Buffer Overflow in MaterialSystem String Assignments (#6628) * Prevent Heap Buffer Overflow in MaterialSystem String Assignments * Log warning for truncated material property key Add warning log for key length exceeding AI_MAXLEN. --------- Co-authored-by: Kim Kulling <[email protected]> --- code/Material/MaterialSystem.cpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
diff --git a/code/Material/MaterialSystem.cpp b/code/Material/MaterialSystem.cpp index e2fc12d95..5eeaa6efc 100644 --- a/code/Material/MaterialSystem.cpp +++ b/code/Material/MaterialSystem.cpp @@ -511,9 +511,13 @@ aiReturn aiMaterial::AddBinaryProperty(const void *pInput, pcNew->mData = new char[pSizeInBytes]; memcpy(pcNew->mData, pInput, pSizeInBytes); - pcNew->mKey.length = static_cast<ai_uint32>(::strlen(pKey)); - ai_assert(AI_MAXLEN > pcNew->mKey.length); - strcpy(pcNew->mKey.data, pKey); + const size_t keyLen = ::strlen(pKey); + pcNew->mKey.length = static_cast<ai_uint32>(std::min<size_t>(keyLen, AI_MAXLEN - 1)); + if (keyLen >= AI_MAXLEN) { + ASSIMP_LOG_WARN("aiMaterial: property key '", pKey, "' exceeds AI_MAXLEN and will be truncated."); + } + memcpy(pcNew->mKey.data, pKey, pcNew->mKey.length); + pcNew->mKey.data[pcNew->mKey.length] = '\0'; if (UINT_MAX != iOutIndex) { mProperties[iOutIndex] = pcNew.release(); -- 2.54.0
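Review bot: In the assimp.spec hunk, the comment above Patch1 carries only the CVE id; adding boo#1263960 and the upstream pull request number (#6628, from the patch subject) would let the patch be traced from the spec alone. The hunk only declares `Patch1: CVE-2025-70067.patch`, and the %prep section is not part of the diff, so confirm that it actually applies Patch1.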
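Review bot: In the code/Material/MaterialSystem.cpp hunk of CVE-2025-70067.patch, an over-long pKey is shortened to AI_MAXLEN - 1 bytes and the property is still stored, so the stored key no longer equals the key the caller passed, and two long keys that share their first AI_MAXLEN - 1 bytes end up as the same key. AddBinaryProperty returns aiReturn, so consider returning a failure when `keyLen >= AI_MAXLEN` instead of truncating, and doing that check before `pcNew->mData = new char[pSizeInBytes];` so nothing is allocated or copied for a key that will be refused. The warning writes the whole over-long, input-derived pKey into the log; logging keyLen, or a bounded prefix of the key, would keep the log line bounded. The hunk also introduces `std::min<size_t>` while the diffstat shows no other change to the file (7 insertions, 3 deletions), so confirm that <algorithm> is already included there rather than relying on a transitive include.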
