Package "heif-thumbnailer"
| Name: |
heif-thumbnailer
|
Description: |
ISO/IEC 23008-12:2017 HEIF file format decoder - thumbnailer
|
| Latest version: |
1.17.6-1ubuntu4.6 |
| Release: |
noble (24.04) |
| Level: |
updates |
| Repository: |
main |
| Head package: |
libheif |
| Homepage: |
http://www.libheif.org |
Links
Download "heif-thumbnailer"
Other versions of "heif-thumbnailer" in Noble
Changelog
|
libheif (1.17.6-1ubuntu4.6) noble-security; urgency=medium
* SECURITY UPDATE: Integer overflow when parsing uncC.
- debian/patches/CVE-2026-47709.patch: Prevent integer overflow
when parsing uncC in libheif/uncompressed_image.cc
- CVE-2026-47709
* SECURITY UPDATE: Integer overflow in inline mask size calculation
- debian/patches/CVE-2026-47714.patch: Fix computation of size of inline
region mask in libheif/region.cc
- CVE-2026-47714
-- Kyle Kernick <email address hidden> Mon, 13 Jul 2026 16:00:17 -0600
|
| Source diff to previous version |
|
libheif (1.17.6-1ubuntu4.5) noble; urgency=medium
* d/p/do-not-stop-with-error-when-items-are-referenced-tha.patch,
d/p/libheif-support-shared-alpha-thumbnails-and-content-.patch:
- Backport upstream support for shared auxiliary image references
(alpha, thumbnails, metadata), fixing "Too many auxiliary image
references" errors when reading iOS 18 HEIC files. (LP: #2091957)
* d/p/fix-check-whether-Exif-IFD-table-fits-within-given-m.patch
- Backport upstream fix for inverted EXIF IFD bounds check that
prevented the orientation tag from being reset after pixel
rotation, causing double-rotation in converted images.
-- Charles <email address hidden> Tue, 30 Jun 2026 08:58:32 +0100
|
| Source diff to previous version |
| 2091957 |
[SRU] libheif cannot open iOS 18 HEIC files |
|
|
libheif (1.17.6-1ubuntu4.4) noble-security; urgency=medium
* SECURITY UPDATE: Buffer overflow when reading mask image.
- debian/patches/CVE-2026-32741.patch: Fix possible buffer overflow when
reading mask image in libheif/image-items/mask_image.cc
- CVE-2026-32741
* SECURITY UPDATE: Information leak in decode.
- debian/patches/CVE-2026-32814.patch: Initialize allocated memory to
avoid information leak in libheif/pixelimage.cc
- CVE-2026-32814
* SECURITY UPDATE: Heap overflow in HeifPixelImage.
- debian/patches/CVE-2026-32882.patch: Fix overlay image with alpha
channels with stride different from color channel in
libheif/pixelimage.cc
- CVE-2026-32882
-- Kyle Kernick <email address hidden> Tue, 16 Jun 2026 17:16:55 -0600
|
| Source diff to previous version |
| CVE-2026-32741 |
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_i |
| CVE-2026-32814 |
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false |
| CVE-2026-32882 |
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in |
|
|
libheif (1.17.6-1ubuntu4.3) noble; urgency=medium
* d/control: Demote libheif-plugin-libde265 to Suggests. (lp: #2142762)
-- Charles <email address hidden> Thu, 26 Feb 2026 12:28:49 +0000
|
| Source diff to previous version |
| 2142762 |
[SRU] Demote libde265 to Suggests |
|
|
libheif (1.17.6-1ubuntu4.2) noble-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2024-25269.patch: Fix memory leaks in function
JpegEncoder::Encode
- CVE-2024-25269
* SECURITY UPDATE: Buffer Overflow
- debian/patches/CVE-2025-68431.patch: Fix wrong copy width in
overlay images, thanks to Aldo Ristori
- CVE-2025-68431
-- Bruce Cable <email address hidden> Wed, 07 Jan 2026 17:41:16 +1100
|
| CVE-2024-25269 |
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack. |
| CVE-2025-68431 |
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path trigg |
|
About
-
Send Feedback to @ubuntu_updates