1540817576
Boost (removed!) Cython 3.0.11 Expat 2.6.4 GMP 6.3.0 MaterialX 1.39.2 Nanobind 2.1.0 (new, for OpenVDB) NumPy 1.26.4 OpenColorIO 2.4.1 OpenEXR 3.3.2 OpenImageIO 3.0.3.1 OpenVDB 12.0.0 OSL 1.14.3-beta Python 3.11.11 Robinmap 1.3.0 TBB 2021.13.0 TIFF 4.7.0 USD 25.02 libxml2 2.13.5 zlib 1.3.1 Co-authored-by: Brecht Van Lommel <brecht@blender.org> Co-authored-by: Jonas Holzman <jonas@holzman.fr> Co-authored-by: Sebastian Parborg <sebastian@blender.org> Ref #128577 Pull Request: https://projects.blender.org/blender/blender/pulls/134178
44 lines
3.4 KiB
CSV
44 lines
3.4 KiB
CSV
vendor,product,version,cve_number,remarks,comment
|
|
@OPENJPEG_ID@,CVE-2016-9675,NotAffected,issue in convert command line tool not used by blender
|
|
@PYTHON_ID@,CVE-2009-2940,NotAffected,issue in pygresql not used by blender
|
|
@PYTHON_ID@,CVE-2020-29396,NotAffected,issue in odoo not used by blender
|
|
@PYTHON_ID@,CVE-2021-32052,NotAffected,issue in django not used by blender
|
|
@PYTHON_ID@,CVE-2009-3720,NotAffected,already fixed in libexpat version used
|
|
@PYTHON_ID@,CVE-2023-36632,NotAffected,not used in blender and not considered a bug upstream
|
|
@PYTHON_ID@,CVE-2023-27043,NotAffected,not used in blender
|
|
@PYTHON_ID@,CVE-2024-6232,FalsePositive,fixed in 3.11.10 upstream fix gh-121285
|
|
@PYTHON_ID@,CVE-2024-7592,FalsePositive,fixed in 3.11.10 upstream fix gh-123067
|
|
@PYTHON_PIP_ID@,CVE-2018-20225,NotAffected,not a blender specific issue and pip is inherently affected by malicious packages
|
|
@SSL_ID@,CVE-2009-1390,NotAffected,issue in mutt not used by blender
|
|
@SSL_ID@,CVE-2009-3765,NotAffected,issue in mutt not used by blender
|
|
@SSL_ID@,CVE-2009-3766,NotAffected,issue in mutt not used by blender
|
|
@SSL_ID@,CVE-2009-3767,NotAffected,issue in ldap not used by blender
|
|
@SSL_ID@,CVE-2019-0190,NotAffected,issue in apache not used by blender
|
|
@TIFF_ID@,CVE-2022-2056,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2057,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2058,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2519,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2520,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2521,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-2953,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-34526,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3570,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3597,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3598,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3599,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3626,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2022-3627,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2023-40745,NotAffected,issue in tiff command line tool not used by blender
|
|
@TIFF_ID@,CVE-2023-41175,NotAffected,issue in tiff command line tool not used by blender
|
|
@XML2_ID@,CVE-2016-3709,NotAffected,not affecting blender and not considered a security issue upstream
|
|
@XML2_ID@,CVE-2023-39615,NotAffected,not affecting blender and not considered a security issue upstream
|
|
@XML2_ID@,CVE-2020-7595,NotAffected,already fixed in the libxml2 version used
|
|
@GMP_ID@,CVE-2021-43618,Mitigated,patched using upstream commit 561a9c25298e
|
|
@SQLITE_ID@,CVE-2022-35737,NotAffected,only affects SQLITE_ENABLE_STAT4 compile option not used by blender or python
|
|
@SQLITE_ID@,CVE-2023-7104,NotAffected,does not affect blender use of sqlite
|
|
@SQLITE_ID@,CVE-2024-0232,NotAffected,does not affect blender use of sqlite
|
|
@ZLIB_ID@,CVE-2023-45853,NotAffected,only affects minizip not used by blender
|
|
@SNDFILE_ID@,CVE-2024-50612,Mitigated,patched using upstream PR 1045
|
|
@SNDFILE_ID@,CVE-2024-50613,NotAffected,all mp3 handling in blender goes through ffmpeg
|
|
@SBOMCONTENTS@
|