CVE-2023-0996 (https://github.com/strukturag/libheif/pull/759): https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. Patch is in >=1.15.0: https://github.com/strukturag/libheif/commit/3c8e92448c10a57a7f1ec8536c6e5427fb2c7c62
From ed6ed01d61b2aa3d65236a3f4d72a0f3f7d5b092 Mon Sep 17 00:00:00 2001 From: Guillermo Joandet <gjoandet@gmail.com> Date: Sat, 8 Apr 2023 21:14:25 -0300 Subject: media-libs/libheif: Version bump to 1.15.2
Thanks! Please stabilize when ready.
CVE-2023-29659 (https://github.com/strukturag/libheif/issues/794): A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. Fix is in 1.15.2.