Information on source package libheif

Available versions

ReleaseVersion
buster1.3.2-2+deb10u2
bullseye1.11.0-1
bullseye (security)1.11.0-1+deb11u1
bookworm1.15.1-1
bookworm (security)1.15.1-1+deb12u1
trixie1.18.2-2
sid1.19.1-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-29659vulnerable (no DSA)vulnerablefixedfixedfixedA Segmentation fault caused by a floating point exception exists in li ...
CVE-2023-0996vulnerable (no DSA)vulnerablefixedfixedfixedThere is a vulnerability in the strided image data parsing code in the ...
CVE-2020-23109vulnerable (no DSA)fixedfixedfixedfixedBuffer overflow vulnerability in function convert_colorspace in heif_c ...
CVE-2020-19499vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in heif::Box_iref::get_references in libheif 1 ...
CVE-2020-19498vulnerable (no DSA)fixedfixedfixedfixedFloating point exception in function Fraction in libheif 1.4.0, allows ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2024-25269vulnerablevulnerablevulnerablefixedfixedlibheif <= 1.17.6 contains a memory leak in the function JpegEncoder:: ...
CVE-2023-49463fixedvulnerablevulnerablefixedfixedlibheif v1.17.5 was discovered to contain a segmentation violation via ...

Resolved issues

BugDescription
CVE-2024-41311In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decodi ...
CVE-2023-49464libheif v1.17.5 was discovered to contain a segmentation violation via ...
CVE-2023-49462libheif v1.17.5 was discovered to contain a segmentation violation via ...
CVE-2023-49460libheif v1.17.5 was discovered to contain a segmentation violation via ...
CVE-2019-11471libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_al ...

Security announcements

DSA / DLADescription
DSA-5796-1libheif - security update
DLA-3934-1libheif - security update
ELA-1211-1libheif - security update

Search for package or bug name: Reporting problems