SUSE_ALP_Standard/patchinfo.20241129134332322530.90520734224245/_patchinfo

<patchinfo incident="126">
  <!-- generated from request(s) 345436 -->
  <issue tracker="bnc" id="1207377">VUL-0: CVE-2022-45748: assimp: UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.</issue>
  <issue tracker="bnc" id="1218474">build failure for assimp</issue>
  <issue tracker="bnc" id="1228142">VUL-0: CVE-2024-40724: TRACKERBUG: assimp: heap-based buffer overflow in the PLY importer class</issue>
  <issue tracker="bnc" id="1230679">VUL-0: CVE-2024-45679: assimp: Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product.</issue>
  <issue tracker="cve" id="2022-45748"/>
  <issue tracker="cve" id="2024-40724"/>
  <issue tracker="cve" id="2024-45679"/>
  <packager>alarrosa</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for assimp</summary>
  <description>This update for assimp fixes the following issues:

- CVE-2022-45748: Fixed UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. (bsc#1207377)

Update to 5.4.3

  * Ply-Importer: Fix vulnerability
  * `build`: Add ccache support
  * Update glTF2AssetWriter.inl
  * Update PyAssimp structs with Skeleton &amp; SkeletonBone members
  * FBX: add metadata as properties
  * Fix casting typo in D3MFExporter::writeBaseMaterials (color
    channels &lt; 1.0f were zeroed out)
  * Fix to judge 'multi-configuration' correctly
  * Fix potential memory leak in SceneCombiner for LWS/IRR/MD3
    loader
  * Fix copying private data when source pointer is NULL
  * Bump softprops/action-gh-release from 1 to 2
  * Bump actions/upload-artifact from 1 to 4
  * Bump actions/download-artifact from 1 to 4
  * fix GetShortFilename function
  * Added more Maya materials
  * Sparky kitty studios master
  * Expose aiGetEmbeddedTexture to C-API
  * Fix leak in loader
  * Fix MSVC build error
  * Revert variable name (fix broken build on android)
  * Fixes possible out-of-bound read in findDegenerate
  * Remove recursive include
  * include Exceptional.h in 3DSExporter.cpp
  * Use DRACO_GLTF_BITSTREAM
  * Fix MSVC PDBs and permit them to be disabled if required
  * Added AND condition in poly2tri dll_symbol.h
  * fixing static build
  * FBX exporter - handle multiple vertex color channels
  * Update DefaultIOSystem.cpp
  * Make coord transfor for hs1 files optional
  * Return false instead of crash
  * A fuzzed stride could cause the max count to become negative
    and hence wrap around uint
  * CalcTangents: zero vector is invalid for tangent/bitangent
  * Mosfet80 updatedpoli2tri
  * Fix a fuzz test heap buffer overflow in mdl material loader
  * Introduce interpolation mode to vectro and quaternion keys
  * Update Python structs with missing fields
  * Introduce interpolation mode to vectro and quaternion keys
  * Kimkulling/fix double precision tests
  * [USD] Integrate "tinyusdz" project
  * Update Readme.md
  * Allow empty slots in mTextureCoords
  * Fix compile warning
  * Replace raw pointers by std::string
  * Fix potential heapbuffer overflow in md5 parsing
  * Fixes bsc#1230679, CVE-2024-45679.

- fix check failure on s390x (bsc#1218474)

- Update to 5.4.2
  * Fix building on Haiku
  * Reduce memory consumption in JoinVerticesProcess::ProcessMesh()
    significantly
  * Fix: Add check for invalid input argument
  * Replace an assert
  * Extension of skinning data export to GLB/GLTF format
  * Fix output floating-point values to fbx
  * Update ImproveCacheLocality.cpp
  * Update Readme.md
  * Deep arsdk bone double free
  * Fix Spelling error
  * use size in order to be compatible with float and double
  * Fix: Add missing transformation for normalized normals.
  * Fix: Implicit Conversion Error
  * Fix add checks for indices
  * Update FBXBinaryTokenizer.cpp
  * link to external minizip with full path
  * utf8 header not found
  * Rm unnecessary deg-&gt;radian conversion in FBX exporter
  * Fix empty mesh handling
  * Refactoring: Some cleanups
  * Fix invalid read of uint from uvwsrc
  * Remove double delete
  * fix mesh-name error.
  * COLLADA fixes for textures in C4D input
  * Use the correct allocator for deleting objects in case of
    duplicate animation Ids
  * Fix container overflow in MMD parser
  * Fix: PLY heap buffer overflow
  * Fix: Check if index for mesh access is out of range
  * Update FBXConverter.cpp
  * FBX: Use correct time scaling
  * Drop explicit inclusion of contrib/ headers
  * Update Build.md
  * Fix buffer overflow in FBX::Util::DecodeBase64()
  * Readme.md: correct 2 errors in section headers
  * Fix double free in Video::~Video()
  * FBXMeshGeometry: solve issue #5116 using patch provided
  * Fix target names not being imported on some gLTF2 models
  * correct grammar/typographic errors in comments (8 files)
  * KHR_materials_specular fixes
  * Disable Hunter
  * fixed several issues
  * Fix leak
  * Check validity of archive without parsing
  * Fix integer overflow
  * Add a test before generating the txture folder
  * Build: Disable building zlib for non-windows
  * null check.
  * Bump actions/upload-artifact from 3 to 4
  * fix: KHR_materials_pbrSpecularGlossiness/diffuseFactor convert
    to pbrMetallicRoughness/baseColorFactor
  * fix building errors for MinGW
  * dynamic_cast error.
  * Add missing IRR textures
  * Update Dockerfile
  * Fix handling of X3D IndexedLineSet nodes
  * Improve acc file loading
  * Readme.md: present hyperlinks in a more uniform style
  * FBX Blendshape FullWeight: Vec&lt;Float&gt; -&gt; FullWeight: Vec&lt;Double&gt;
  * Fix for issues #5422, #3411, and #5443 -- DXF insert scaling
    fix and colour fix
  * Update StbCommon.h to stay up-to-date with stb_image.h.
  * Introduce aiBuffer
  * Add bounds checks to the parsing utilities.
  * Fix crash in viewer
  * Static code analysis fixes
  * Kimkulling/fix bahavior of remove redundat mats issue 5438
  * Fix X importer breakage introduced in commit f844c33
  * Fileformats.md: clarify that import of .blend files is deprecated
  * feat:1.add 3mf vertex color read 2.fix 3mf read texture bug
  * More GLTF loading hardening
  * Bump actions/cache from 3 to 4
  * Update CMakeLists.txt
  * Blendshape-&gt;Geometry in FBX Export
  * Fix identity matrix check
  * Fix PyAssimp under Python &gt;= 3.12 and macOS library search support
  * Add ISC LICENSE file
  * ColladaParser: check values length
  * Include defs in not cpp-section
  * Add correct double zero check
  * Add zlib-header to ZipArchiveIOSystem.h
  * Add 2024 to copyright infos
  * Append a new setting "AI_CONFIG_EXPORT_FBX_TRANSPARENCY_FACTOR_REFER_TO_OPACITY"
  * Eliminate non-ascii comments in clipper
  * Fix compilation for MSVC14.
  * Add correction of fbx model rotation
  * Delete tools/make directory
  * Delete packaging/windows-mkzip directory
  * Fix #5420 duplicate degrees to radians conversion in fbx importer
  * Respect merge identical vertices in ObjExporter
  * Fix utDefaultIOStream test under MinGW
  * Fix typos
  * Add initial macOS support to C4D importer
  * Update hunter into CMakeLists.txt
  * Fix: add missing import for AI_CONFIG_CHECK_IDENTITY_MATRIX_EPSILON_DEFAULT
  * updated json
  * Cleanup: Fix review findings
  * CMake: Allow linking draco statically if ASSIMP_BUILD_DRACO_STATIC is set.
  * updated minizip to last version
  * updated STBIMAGElib
  * fix issue #5461 (segfault after removing redundant materials)
  * Update ComputeUVMappingProcess.cpp
  * add some ASSIMP_INSTALL checks
  * Fix SplitByBoneCount typo that prevented node updates
  * Q3DLoader: Fix possible material string overflow
  * Reverts the changes introduced
  * fix a collada import bug
  * mention IQM loader in Fileformats.md
  * Kimkulling/fix pyassimp compatibility
  * fix ASE loader crash when *MATERIAL_COUNT or *NUMSUBMTLS is not specified
    or is 0
  * Add checks for invalid buffer and size
  * Make sure for releases revision will be zero
  * glTF2Importer: Support .vrm extension
  * Prepare v5.4.1
  * Remove deprecated c++11 warnings
  * fix ci
  * Fix integer overflow
  * Assimp viewer fixes
  * Optimize readability
  * Temporary fix for #5557 GCC 13+ build issue -Warray-bounds
  * Fix a bug that could cause assertion failure.
  * Fix possible nullptr dereferencing.
  * Update ObjFileParser.cpp
  * Fix for #5592 Disabled maybe-uninitialized error for
    AssetLib/Obj/ObjFileParser.cpp
  * updated zip
  * Postprocessing: Fix endless loop
  * Build: Fix compilation for VS-2022 debug mode - warning
  * Converted a size_t to mz_uint that was being treated as an error
  * Add trim to xml string parsing
  * Replace duplicated trim
  * Move aiScene constructor
  * Move revision.h and revision.h.in to include folder
  * Update MDLMaterialLoader.cpp
  * Create inno_setup
  * clean HunterGate.cmake
  * Draft: Update init of aiString
  * Fix init aistring issue 5622 inpython module
  * update dotnet example
  * Make stepfile schema validation more robust.
  * fix PLY binary export color from float to uchar
  * Some FBXs do not have "Materials" information, which can cause
    parsing errors
  * Fix collada uv channels - temporary was stored and then updated.
  * remove ASE parsing break
  * FBX-Exporter: Fix nullptr dereferencing
  * Fix FBX exporting incorrect bone order
  * fixes potential memory leak on malformed obj file
  * Update zip.c
  * Fixes some uninit bool loads
  * Fix names of enum values in docstring of aiProcess_FindDegenerates
  * Fix: StackAllocator Undefined Reference fix
  * Plx: Fix out of bound access (CVE-2024-40724, bsc#1228142)

- Update to 5.4.1
  * CMake: Allow linking draco statically if ASSIMP_BUILD_DRACO_STATIC is set.
  * Deps: updated minizip to last version
  * Deps: updated STBIMAGElib
  * Fix issue #5461 (segfault after removing redundant materials)
  * Update ComputeUVMappingProcess.cpp
  * Add some ASSIMP_INSTALL checks
  * Fix SplitByBoneCount typo that prevented node updates
  * Q3DLoader: Fix possible material string overflow
  * Reverts the changes introduced by commit ad766cb in February 2022
  * Fix a collada import bug
  * Mention IQM loader in Fileformats.md
  * Fix ASE loader crash when *MATERIAL_COUNT or *NUMSUBMTLS is not specified
    or is 0
  * Add checks for invalid buffer and size
  * Make sure for releases revision will be zero
  * glTF2Importer: Support .vrm extension

- Update to 5.4.0
  * Reduce memory consumption in JoinVerticesProcess::ProcessMesh()
  * Fix: Add check for invalid input argument
  * Replace an assert
  * Extension of skinning data export to GLB/GLTF format
  * Fix output floating-point values to fbx
  * Update ImproveCacheLocality.cpp
  * Deep arsdk bone double free
  * Fix Spelling error
  * use size to be compatible with float and double
  * Fix: Add missing transformation for normalized normals.
  * Fix: Implicit Conversion Error
  * Fix add checks for indices
  * Update FBXBinaryTokenizer.cpp
  * link to external minizip with full path
  * utf8 header not found
  * Rm unnecessary deg-&gt;radian conversion in FBX exporter
  * Fix empty mesh handling
  * Refactoring: Some cleanups
  * Fix invalid read of uint from uvwsrc
  * Remove double delete
  * fix the mesh-name error.
  * COLLADA fixes for textures in C4D input
  * Use the correct allocator for deleting objects in case of
    duplicate animation Ids
  * Fix container overflow in MMD parser
  * Fix: PLY heap buffer overflow
  * Fix: Check if index for mesh access is out of range
  * Update FBXConverter.cpp
  * FBX: Use correct time scaling
  * Drop explicit inclusion of contrib/ headers
  * Update Build.md
  * Fix buffer overflow in FBX::Util::DecodeBase64()
  * Readme.md: correct 2 errors in section headers
  * Fix double free in Video::~Video()
  * FBXMeshGeometry: solve issue #5116 using patch provided
  * Fix target names not being imported on some gLTF2 models
  * correct grammar/typographic errors in comments (8 files)
  * KHR_materials_specular fixes
  * Disable Hunter
  * fixed several issues
  * Fix leak
  * Check the validity of the archive without parsing
  * Fix integer overflow
  * Add a test before generating the texture folder
  * Build: Disable building zlib for non-windows
  * null check.
  * Bump actions/upload-artifact from 3 to 4
  * fix: KHR_materials_pbrSpecularGlossiness/diffuseFactor convert
    to pbrMetallicRoughness/baseColorFactor
  * dynamic_cast error.
  * Add missing IRR textures
  * Fix handling of X3D IndexedLineSet nodes
  * Improve acc file loading
  * Readme.md: present hyperlinks in a more uniform style
  * FBX Blendshape FullWeight: Vec&lt;Float&gt; -&gt; FullWeight: Vec&lt;Double&gt;
  * Fix for issues #5422, #3411, and #5443 -- DXF insert scaling fix
    and colour fix
  * Update StbCommon.h to stay up-to-date with stb_image.h.
  * Introduce aiBuffer
  * Add bounds checks to the parsing utilities.
  * Fix crash in viewer
  * Static code analysis fixes
  * Kimkulling/fix behavior of remove redundant mats issue 5438
  * Fix X importer breakage introduced in commit f844c33
  * Fileformats.md: clarify that import of .blend files is deprecated
  * feat:1.add 3mf vertex color read 2.fix 3mf read texture bug
  * More GLTF loading hardening
  * Bump actions/cache from 3 to 4
  * Blendshape-&gt;Geometry in FBX Export
  * Fix identity matrix check
  * Fix PyAssimp under Python &gt;= 3.12 and macOS library search support
  * Add ISC LICENSE file
  * ColladaParser: check values length
  * Include defs in not cpp-section
  * Add correct double zero check
  * Add zlib-header to ZipArchiveIOSystem.h
  * Add 2024 to copyright infos
  * Append a new setting "AI_CONFIG_EXPORT_FBX_TRANSPARENCY_FACTOR_REFER_TO_OPACITY"
  * Eliminate non-ascii comments in clipper
  * Fix compilation for MSVC14.
  * Add correction of fbx model rotation
  * Delete tools/make directory
  * Delete packaging/windows-mkzip directory
  * Fix #5420 duplicate degrees to radians conversion in fbx importer
  * Respect merge identical vertices in ObjExporter
  * Fix utDefaultIOStream test under MinGW
  * Fix typos
  * Add initial macOS support to C4D importer
  * Update hunter into CMakeLists.txt
  * Fix: add a missing import for AI_CONFIG_CHECK_IDENTITY_MATRIX_EPSILON_DEFAULT
  * updated json
  * Cleanup: Fix review findings
  * Update CMakeLists.txt

- Reenable the Collada parser.


</description>
  <package>assimp</package>
  <seperate_build_arch/>
</patchinfo>
Update incident numbers 2024-12-06 13:36:42 +01:00			`<patchinfo incident="126">`
Adding patchinfo patchinfo.20241129134332322530.90520734224245 2024-11-29 18:01:05 +01:00			`<!-- generated from request(s) 345436 -->`
			`<issue tracker="bnc" id="1207377">VUL-0: CVE-2022-45748: assimp: UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp.</issue>`
			`<issue tracker="bnc" id="1218474">build failure for assimp</issue>`
			`<issue tracker="bnc" id="1228142">VUL-0: CVE-2024-40724: TRACKERBUG: assimp: heap-based buffer overflow in the PLY importer class</issue>`
			`<issue tracker="bnc" id="1230679">VUL-0: CVE-2024-45679: assimp: Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product.</issue>`
			`<issue tracker="cve" id="2022-45748"/>`
			`<issue tracker="cve" id="2024-40724"/>`
			`<issue tracker="cve" id="2024-45679"/>`
			`<packager>alarrosa</packager>`
			`<rating>important</rating>`
			`<category>security</category>`
			`<summary>Security update for assimp</summary>`
			`<description>This update for assimp fixes the following issues:`

			`- CVE-2022-45748: Fixed UaF in ColladaParser:ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. (bsc#1207377)`

			`Update to 5.4.3`

			`* Ply-Importer: Fix vulnerability`
			* `build`: Add ccache support
			`* Update glTF2AssetWriter.inl`
			`* Update PyAssimp structs with Skeleton & SkeletonBone members`
			`* FBX: add metadata as properties`
			`* Fix casting typo in D3MFExporter::writeBaseMaterials (color`
			`channels < 1.0f were zeroed out)`
			`* Fix to judge 'multi-configuration' correctly`
			`* Fix potential memory leak in SceneCombiner for LWS/IRR/MD3`
			`loader`
			`* Fix copying private data when source pointer is NULL`
			`* Bump softprops/action-gh-release from 1 to 2`
			`* Bump actions/upload-artifact from 1 to 4`
			`* Bump actions/download-artifact from 1 to 4`
			`* fix GetShortFilename function`
			`* Added more Maya materials`
			`* Sparky kitty studios master`
			`* Expose aiGetEmbeddedTexture to C-API`
			`* Fix leak in loader`
			`* Fix MSVC build error`
			`* Revert variable name (fix broken build on android)`
			`* Fixes possible out-of-bound read in findDegenerate`
			`* Remove recursive include`
			`* include Exceptional.h in 3DSExporter.cpp`
			`* Use DRACO_GLTF_BITSTREAM`
			`* Fix MSVC PDBs and permit them to be disabled if required`
			`* Added AND condition in poly2tri dll_symbol.h`
			`* fixing static build`
			`* FBX exporter - handle multiple vertex color channels`
			`* Update DefaultIOSystem.cpp`
			`* Make coord transfor for hs1 files optional`
			`* Return false instead of crash`
			`* A fuzzed stride could cause the max count to become negative`
			`and hence wrap around uint`
			`* CalcTangents: zero vector is invalid for tangent/bitangent`
			`* Mosfet80 updatedpoli2tri`
			`* Fix a fuzz test heap buffer overflow in mdl material loader`
			`* Introduce interpolation mode to vectro and quaternion keys`
			`* Update Python structs with missing fields`
			`* Introduce interpolation mode to vectro and quaternion keys`
			`* Kimkulling/fix double precision tests`
			`* [USD] Integrate "tinyusdz" project`
			`* Update Readme.md`
			`* Allow empty slots in mTextureCoords`
			`* Fix compile warning`
			`* Replace raw pointers by std::string`
			`* Fix potential heapbuffer overflow in md5 parsing`
			`* Fixes bsc#1230679, CVE-2024-45679.`

			`- fix check failure on s390x (bsc#1218474)`

			`- Update to 5.4.2`
			`* Fix building on Haiku`
			`* Reduce memory consumption in JoinVerticesProcess::ProcessMesh()`
			`significantly`
			`* Fix: Add check for invalid input argument`
			`* Replace an assert`
			`* Extension of skinning data export to GLB/GLTF format`
			`* Fix output floating-point values to fbx`
			`* Update ImproveCacheLocality.cpp`
			`* Update Readme.md`
			`* Deep arsdk bone double free`
			`* Fix Spelling error`
			`* use size in order to be compatible with float and double`
			`* Fix: Add missing transformation for normalized normals.`
			`* Fix: Implicit Conversion Error`
			`* Fix add checks for indices`
			`* Update FBXBinaryTokenizer.cpp`
			`* link to external minizip with full path`
			`* utf8 header not found`
			`* Rm unnecessary deg->radian conversion in FBX exporter`
			`* Fix empty mesh handling`
			`* Refactoring: Some cleanups`
			`* Fix invalid read of uint from uvwsrc`
			`* Remove double delete`
			`* fix mesh-name error.`
			`* COLLADA fixes for textures in C4D input`
			`* Use the correct allocator for deleting objects in case of`
			`duplicate animation Ids`
			`* Fix container overflow in MMD parser`
			`* Fix: PLY heap buffer overflow`
			`* Fix: Check if index for mesh access is out of range`
			`* Update FBXConverter.cpp`
			`* FBX: Use correct time scaling`
			`* Drop explicit inclusion of contrib/ headers`
			`* Update Build.md`
			`* Fix buffer overflow in FBX::Util::DecodeBase64()`
			`* Readme.md: correct 2 errors in section headers`
			`* Fix double free in Video::~Video()`
			`* FBXMeshGeometry: solve issue #5116 using patch provided`
			`* Fix target names not being imported on some gLTF2 models`
			`* correct grammar/typographic errors in comments (8 files)`
			`* KHR_materials_specular fixes`
			`* Disable Hunter`
			`* fixed several issues`
			`* Fix leak`
			`* Check validity of archive without parsing`
			`* Fix integer overflow`
			`* Add a test before generating the txture folder`
			`* Build: Disable building zlib for non-windows`
			`* null check.`
			`* Bump actions/upload-artifact from 3 to 4`
			`* fix: KHR_materials_pbrSpecularGlossiness/diffuseFactor convert`
			`to pbrMetallicRoughness/baseColorFactor`
			`* fix building errors for MinGW`
			`* dynamic_cast error.`
			`* Add missing IRR textures`
			`* Update Dockerfile`
			`* Fix handling of X3D IndexedLineSet nodes`
			`* Improve acc file loading`
			`* Readme.md: present hyperlinks in a more uniform style`
			`* FBX Blendshape FullWeight: Vec<Float> -> FullWeight: Vec<Double>`
			`* Fix for issues #5422, #3411, and #5443 -- DXF insert scaling`
			`fix and colour fix`
			`* Update StbCommon.h to stay up-to-date with stb_image.h.`
			`* Introduce aiBuffer`
			`* Add bounds checks to the parsing utilities.`
			`* Fix crash in viewer`
			`* Static code analysis fixes`
			`* Kimkulling/fix bahavior of remove redundat mats issue 5438`
			`* Fix X importer breakage introduced in commit f844c33`
			`* Fileformats.md: clarify that import of .blend files is deprecated`
			`* feat:1.add 3mf vertex color read 2.fix 3mf read texture bug`
			`* More GLTF loading hardening`
			`* Bump actions/cache from 3 to 4`
			`* Update CMakeLists.txt`
			`* Blendshape->Geometry in FBX Export`
			`* Fix identity matrix check`
			`* Fix PyAssimp under Python >= 3.12 and macOS library search support`
			`* Add ISC LICENSE file`
			`* ColladaParser: check values length`
			`* Include defs in not cpp-section`
			`* Add correct double zero check`
			`* Add zlib-header to ZipArchiveIOSystem.h`
			`* Add 2024 to copyright infos`
			`* Append a new setting "AI_CONFIG_EXPORT_FBX_TRANSPARENCY_FACTOR_REFER_TO_OPACITY"`
			`* Eliminate non-ascii comments in clipper`
			`* Fix compilation for MSVC14.`
			`* Add correction of fbx model rotation`
			`* Delete tools/make directory`
			`* Delete packaging/windows-mkzip directory`
			`* Fix #5420 duplicate degrees to radians conversion in fbx importer`
			`* Respect merge identical vertices in ObjExporter`
			`* Fix utDefaultIOStream test under MinGW`
			`* Fix typos`
			`* Add initial macOS support to C4D importer`
			`* Update hunter into CMakeLists.txt`
			`* Fix: add missing import for AI_CONFIG_CHECK_IDENTITY_MATRIX_EPSILON_DEFAULT`
			`* updated json`
			`* Cleanup: Fix review findings`
			`* CMake: Allow linking draco statically if ASSIMP_BUILD_DRACO_STATIC is set.`
			`* updated minizip to last version`
			`* updated STBIMAGElib`
			`* fix issue #5461 (segfault after removing redundant materials)`
			`* Update ComputeUVMappingProcess.cpp`
			`* add some ASSIMP_INSTALL checks`
			`* Fix SplitByBoneCount typo that prevented node updates`
			`* Q3DLoader: Fix possible material string overflow`
			`* Reverts the changes introduced`
			`* fix a collada import bug`
			`* mention IQM loader in Fileformats.md`
			`* Kimkulling/fix pyassimp compatibility`
			`* fix ASE loader crash when MATERIAL_COUNT or NUMSUBMTLS is not specified`
			`or is 0`
			`* Add checks for invalid buffer and size`
			`* Make sure for releases revision will be zero`
			`* glTF2Importer: Support .vrm extension`
			`* Prepare v5.4.1`
			`* Remove deprecated c++11 warnings`
			`* fix ci`
			`* Fix integer overflow`
			`* Assimp viewer fixes`
			`* Optimize readability`
			`* Temporary fix for #5557 GCC 13+ build issue -Warray-bounds`
			`* Fix a bug that could cause assertion failure.`
			`* Fix possible nullptr dereferencing.`
			`* Update ObjFileParser.cpp`
			`* Fix for #5592 Disabled maybe-uninitialized error for`
			`AssetLib/Obj/ObjFileParser.cpp`
			`* updated zip`
			`* Postprocessing: Fix endless loop`
			`* Build: Fix compilation for VS-2022 debug mode - warning`
			`* Converted a size_t to mz_uint that was being treated as an error`
			`* Add trim to xml string parsing`
			`* Replace duplicated trim`
			`* Move aiScene constructor`
			`* Move revision.h and revision.h.in to include folder`
			`* Update MDLMaterialLoader.cpp`
			`* Create inno_setup`
			`* clean HunterGate.cmake`
			`* Draft: Update init of aiString`
			`* Fix init aistring issue 5622 inpython module`
			`* update dotnet example`
			`* Make stepfile schema validation more robust.`
			`* fix PLY binary export color from float to uchar`
			`* Some FBXs do not have "Materials" information, which can cause`
			`parsing errors`
			`* Fix collada uv channels - temporary was stored and then updated.`
			`* remove ASE parsing break`
			`* FBX-Exporter: Fix nullptr dereferencing`
			`* Fix FBX exporting incorrect bone order`
			`* fixes potential memory leak on malformed obj file`
			`* Update zip.c`
			`* Fixes some uninit bool loads`
			`* Fix names of enum values in docstring of aiProcess_FindDegenerates`
			`* Fix: StackAllocator Undefined Reference fix`
			`* Plx: Fix out of bound access (CVE-2024-40724, bsc#1228142)`

			`- Update to 5.4.1`
			`* CMake: Allow linking draco statically if ASSIMP_BUILD_DRACO_STATIC is set.`
			`* Deps: updated minizip to last version`
			`* Deps: updated STBIMAGElib`
			`* Fix issue #5461 (segfault after removing redundant materials)`
			`* Update ComputeUVMappingProcess.cpp`
			`* Add some ASSIMP_INSTALL checks`
			`* Fix SplitByBoneCount typo that prevented node updates`
			`* Q3DLoader: Fix possible material string overflow`
			`* Reverts the changes introduced by commit ad766cb in February 2022`
			`* Fix a collada import bug`
			`* Mention IQM loader in Fileformats.md`
			`* Fix ASE loader crash when MATERIAL_COUNT or NUMSUBMTLS is not specified`
			`or is 0`
			`* Add checks for invalid buffer and size`
			`* Make sure for releases revision will be zero`
			`* glTF2Importer: Support .vrm extension`

			`- Update to 5.4.0`
			`* Reduce memory consumption in JoinVerticesProcess::ProcessMesh()`
			`* Fix: Add check for invalid input argument`
			`* Replace an assert`
			`* Extension of skinning data export to GLB/GLTF format`
			`* Fix output floating-point values to fbx`
			`* Update ImproveCacheLocality.cpp`
			`* Deep arsdk bone double free`
			`* Fix Spelling error`
			`* use size to be compatible with float and double`
			`* Fix: Add missing transformation for normalized normals.`
			`* Fix: Implicit Conversion Error`
			`* Fix add checks for indices`
			`* Update FBXBinaryTokenizer.cpp`
			`* link to external minizip with full path`
			`* utf8 header not found`
			`* Rm unnecessary deg->radian conversion in FBX exporter`
			`* Fix empty mesh handling`
			`* Refactoring: Some cleanups`
			`* Fix invalid read of uint from uvwsrc`
			`* Remove double delete`
			`* fix the mesh-name error.`
			`* COLLADA fixes for textures in C4D input`
			`* Use the correct allocator for deleting objects in case of`
			`duplicate animation Ids`
			`* Fix container overflow in MMD parser`
			`* Fix: PLY heap buffer overflow`
			`* Fix: Check if index for mesh access is out of range`
			`* Update FBXConverter.cpp`
			`* FBX: Use correct time scaling`
			`* Drop explicit inclusion of contrib/ headers`
			`* Update Build.md`
			`* Fix buffer overflow in FBX::Util::DecodeBase64()`
			`* Readme.md: correct 2 errors in section headers`
			`* Fix double free in Video::~Video()`
			`* FBXMeshGeometry: solve issue #5116 using patch provided`
			`* Fix target names not being imported on some gLTF2 models`
			`* correct grammar/typographic errors in comments (8 files)`
			`* KHR_materials_specular fixes`
			`* Disable Hunter`
			`* fixed several issues`
			`* Fix leak`
			`* Check the validity of the archive without parsing`
			`* Fix integer overflow`
			`* Add a test before generating the texture folder`
			`* Build: Disable building zlib for non-windows`
			`* null check.`
			`* Bump actions/upload-artifact from 3 to 4`
			`* fix: KHR_materials_pbrSpecularGlossiness/diffuseFactor convert`
			`to pbrMetallicRoughness/baseColorFactor`
			`* dynamic_cast error.`
			`* Add missing IRR textures`
			`* Fix handling of X3D IndexedLineSet nodes`
			`* Improve acc file loading`
			`* Readme.md: present hyperlinks in a more uniform style`
			`* FBX Blendshape FullWeight: Vec<Float> -> FullWeight: Vec<Double>`
			`* Fix for issues #5422, #3411, and #5443 -- DXF insert scaling fix`
			`and colour fix`
			`* Update StbCommon.h to stay up-to-date with stb_image.h.`
			`* Introduce aiBuffer`
			`* Add bounds checks to the parsing utilities.`
			`* Fix crash in viewer`
			`* Static code analysis fixes`
			`* Kimkulling/fix behavior of remove redundant mats issue 5438`
			`* Fix X importer breakage introduced in commit f844c33`
			`* Fileformats.md: clarify that import of .blend files is deprecated`
			`* feat:1.add 3mf vertex color read 2.fix 3mf read texture bug`
			`* More GLTF loading hardening`
			`* Bump actions/cache from 3 to 4`
			`* Blendshape->Geometry in FBX Export`
			`* Fix identity matrix check`
			`* Fix PyAssimp under Python >= 3.12 and macOS library search support`
			`* Add ISC LICENSE file`
			`* ColladaParser: check values length`
			`* Include defs in not cpp-section`
			`* Add correct double zero check`
			`* Add zlib-header to ZipArchiveIOSystem.h`
			`* Add 2024 to copyright infos`
			`* Append a new setting "AI_CONFIG_EXPORT_FBX_TRANSPARENCY_FACTOR_REFER_TO_OPACITY"`
			`* Eliminate non-ascii comments in clipper`
			`* Fix compilation for MSVC14.`
			`* Add correction of fbx model rotation`
			`* Delete tools/make directory`
			`* Delete packaging/windows-mkzip directory`
			`* Fix #5420 duplicate degrees to radians conversion in fbx importer`
			`* Respect merge identical vertices in ObjExporter`
			`* Fix utDefaultIOStream test under MinGW`
			`* Fix typos`
			`* Add initial macOS support to C4D importer`
			`* Update hunter into CMakeLists.txt`
			`* Fix: add a missing import for AI_CONFIG_CHECK_IDENTITY_MATRIX_EPSILON_DEFAULT`
			`* updated json`
			`* Cleanup: Fix review findings`
			`* Update CMakeLists.txt`

			`- Reenable the Collada parser.`


			`</description>`
			`<package>assimp</package>`
			`<seperate_build_arch/>`
Update incident numbers 2024-12-06 13:36:42 +01:00			`</patchinfo>`