tinyobjloader - Debian Package Tracker

general

versioned links

2.0.0~rc5+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0~rc5+dfsg1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0~rc9+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

A new upstream version is available: 2.0.0~rc10 high

A new upstream version 2.0.0~rc10 is available, you should consider packaging it.

Created: 2021-10-27 Last update: 2022-12-04 11:46

1 security issue in sid high

1 important issue:

CVE-2020-28589: An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Created: 2022-07-04 Last update: 2022-08-26 09:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-28589: An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Created: 2022-07-04 Last update: 2022-08-26 09:00

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2022-11-13 09:35

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-28589: (needs triaging) An improper array index validation vulnerability exists in the LoadObj functionality of tinyobjloader v2.0-rc1 and tinyobjloader development commit 79d4421. A specially crafted file could lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-26 09:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.6.0).

Created: 2022-05-11 Last update: 2022-05-11 23:24

testing migrations

This package will soon be part of the auto-tinyobjloader transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

[2022-03-25] Accepted tinyobjloader 2.0.0~rc9+dfsg-1 (source amd64) into experimental, experimental (Debian FTP Masters) (signed by: Timo Röhling)
[2021-11-01] tinyobjloader 2.0.0~rc5+dfsg1-5 MIGRATED to testing (Debian testing watch)
[2021-10-26] Accepted tinyobjloader 2.0.0~rc5+dfsg1-5 (source) into unstable (Timo Röhling)
[2020-12-04] tinyobjloader 2.0.0~rc5+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2020-11-29] Accepted tinyobjloader 2.0.0~rc5+dfsg1-4 (source) into unstable (Timo Röhling)
[2020-11-19] tinyobjloader 2.0.0~rc5+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2020-11-13] Accepted tinyobjloader 2.0.0~rc5+dfsg1-3 (source) into unstable (Timo Röhling) (signed by: Jochen Sprickerhof)
[2020-04-24] tinyobjloader 2.0.0~rc5+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2020-04-20] Accepted tinyobjloader 2.0.0~rc5+dfsg1-2 (source) into unstable (Timo Röhling) (signed by: Jochen Sprickerhof)
[2020-04-20] Accepted tinyobjloader 2.0.0~rc5+dfsg1-1 (source amd64) into unstable, unstable (Debian FTP Masters) (signed by: Jochen Sprickerhof)

bugs [bug history graph]

links

ubuntu