Package "libheif-plugin-libde265"
| Name: |
libheif-plugin-libde265
|
Description: |
ISO/IEC 23008-12:2017 HEIF file format decoder - libde265 plugin
|
| Latest version: |
1.17.6-1ubuntu4.4 |
| Release: |
noble (24.04) |
| Level: |
security |
| Repository: |
main |
| Head package: |
libheif |
| Homepage: |
http://www.libheif.org |
Links
Download "libheif-plugin-libde265"
Other versions of "libheif-plugin-libde265" in Noble
Changelog
|
libheif (1.17.6-1ubuntu4.4) noble-security; urgency=medium
* SECURITY UPDATE: Buffer overflow when reading mask image.
- debian/patches/CVE-2026-32741.patch: Fix possible buffer overflow when
reading mask image in libheif/image-items/mask_image.cc
- CVE-2026-32741
* SECURITY UPDATE: Information leak in decode.
- debian/patches/CVE-2026-32814.patch: Initialize allocated memory to
avoid information leak in libheif/pixelimage.cc
- CVE-2026-32814
* SECURITY UPDATE: Heap overflow in HeifPixelImage.
- debian/patches/CVE-2026-32882.patch: Fix overlay image with alpha
channels with stride different from color channel in
libheif/pixelimage.cc
- CVE-2026-32882
-- Kyle Kernick <email address hidden> Tue, 16 Jun 2026 17:16:55 -0600
|
| Source diff to previous version |
| CVE-2026-32741 |
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_i |
| CVE-2026-32814 |
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false |
| CVE-2026-32882 |
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in |
|
|
libheif (1.17.6-1ubuntu4.2) noble-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2024-25269.patch: Fix memory leaks in function
JpegEncoder::Encode
- CVE-2024-25269
* SECURITY UPDATE: Buffer Overflow
- debian/patches/CVE-2025-68431.patch: Fix wrong copy width in
overlay images, thanks to Aldo Ristori
- CVE-2025-68431
-- Bruce Cable <email address hidden> Wed, 07 Jan 2026 17:41:16 +1100
|
| Source diff to previous version |
| CVE-2024-25269 |
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack. |
| CVE-2025-68431 |
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg |
|
|
libheif (1.17.6-1ubuntu4.1) noble-security; urgency=medium
* SECURITY UPDATE: out-of-bounds data read/write in ImageOverlay::parse()
- debian/patches/CVE-2024-41311.patch: added patch to check that
overlay's offsets are valid
- CVE-2024-41311
-- Shishir Subedi <email address hidden> Mon, 21 Oct 2024 16:33:55 +0545
|
| CVE-2024-41311 |
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an o |
|
About
-
Send Feedback to @ubuntu_updates