[Git][security-tracker-team/security-tracker][master] assimp fixed in sid

Wed Jan 21 16:45:51 GMT 2026


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
42f8f5e1 by Moritz Muehlenhoff at 2026-01-21T17:45:10+01:00
assimp fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39784,13 +39784,13 @@ CVE-2025-11279 (A vulnerability was detected in Axosoft Scrum and Bug Tracking 2
 CVE-2025-11278 (A security vulnerability has been detected in AllStarLink Supermon up  ...)
 	NOT-FOR-US: AllStarLink Supermon
 CVE-2025-11277 (A weakness has been identified in Open Asset Import Library Assimp 6.0 ...)
-	- assimp <unfixed> (bug #1117693)
-	[trixie] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
-	[bookworm] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
+	- assimp 6.0.3+ds-1 (bug #1117693)
+	[trixie] - assimp <no-dsa> (Minor issue)
+	[bookworm] - assimp <no-dsa> (Minor issue)
 	[bullseye] - assimp <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://github.com/assimp/assimp/issues/6358
 	NOTE: https://github.com/assimp/assimp/pull/6370
-	NOTE: Fixed by: https://github.com/assimp/assimp/commit/0978918f7148fbcd3d05cc6573dae7859975a895
+	NOTE: Fixed by: https://github.com/assimp/assimp/commit/0978918f7148fbcd3d05cc6573dae7859975a895 (v6.0.3)
 CVE-2025-11276 (A security flaw has been discovered in Rebuild up to 4.1.3. Affected b ...)
 	NOT-FOR-US: Rebuild
 CVE-2025-11275 (A vulnerability was identified in Open Asset Import Library Assimp 6.0 ...)
@@ -83257,19 +83257,23 @@ CVE-2025-5167 (A vulnerability was found in Open Asset Import Library Assimp 5.4
 	NOTE: https://github.com/assimp/assimp/issues/6169
 	NOTE: https://github.com/assimp/assimp/issues/6128
 CVE-2025-5166 (A vulnerability was found in Open Asset Import Library Assimp 5.4.3. I ...)
-	- assimp <unfixed> (bug #1106592)
-	[trixie] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
-	[bookworm] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
+	- assimp 6.0.3+ds-1 (bug #1106592)
+	[trixie] - assimp <no-dsa> (Minor issue)
+	[bookworm] - assimp <no-dsa> (Minor issue)
 	[bullseye] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
 	NOTE: https://github.com/assimp/assimp/issues/6168
 	NOTE: https://github.com/assimp/assimp/issues/6128
+	NOTE: https://github.com/assimp/assimp/pull/6438
+	NOTE: https://github.com/assimp/assimp/commit/17318b02cf75b7fe5098c2c331780d5f9d4802c7 (v6.0.3)
 CVE-2025-5165 (A vulnerability was found in Open Asset Import Library Assimp 5.4.3 an ...)
-	- assimp <unfixed> (bug #1106591)
-	[trixie] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
-	[bookworm] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
+	- assimp 6.0.3+ds-1 (bug #1106591)
+	[trixie] - assimp <no-dsa> (Minor issue)
+	[bookworm] - assimp <no-dsa> (Minor issue)
 	[bullseye] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
 	NOTE: https://github.com/assimp/assimp/issues/6167
 	NOTE: https://github.com/assimp/assimp/issues/6128
+	NOTE: https://github.com/assimp/assimp/pull/6440
+	NOTE: https://github.com/assimp/assimp/commit/d1e6bcff6b01c5da9856a2b6ed52ae9a06dfe8da (v6.0.3)
 CVE-2025-5164 (A vulnerability has been found in PerfreeBlog 4.0.11 and classified as ...)
 	NOT-FOR-US: PerfreeBlog
 CVE-2025-5163 (A vulnerability, which was classified as problematic, was found in yan ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42f8f5e10bcb1096b15ac3080d6ec96fbe649a47

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42f8f5e10bcb1096b15ac3080d6ec96fbe649a47
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260121/4868969b/attachment.htm>
