SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2985

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2985

Security update for libqt5-qtquick3d

Type: security

Severity: important

Issued: 2024-08-20

Description:

This update for libqt5-qtquick3d fixes the following issues:

- CVE-2024-40724: Fixed a heap-based buffer overflow in the PLY importer class (bsc#1228199)
- Fixed progressive anti-aliasing, which doesn't work if any object in the scene used a  PrincipledMaterial
- Fixed a crash when a custom material/effect shader variable changes
- Skipped processing unknown uniforms, as those that are vendor specific

References

CVE: CVE-2024-40724
Bugzilla: 1228199 VUL-0: CVE-2024-40724: libqt5-qtquick3d: assimp: heap-based buffer overflow in the PLY importer class

Packages

libqt5-qtquick3d-5.15.12+kde1-150600.3.3.1