subject:"Bug#1014125\: libheif\: CVE\-2020\-23109"

Bug#1014125: libheif: CVE-2020-23109

2023-01-17 Thread Bastian Germann

Control: fixed -1 1.8.0-1 This is claimed to be fixed with https://github.com/strukturag/libheif/commit/bca0162018df9a32d21c05aad1fa203881fa7813 which was included in v1.7.0

Bug#1014125: libheif: CVE-2020-23109

2022-06-30 Thread Moritz Mühlenhoff

Source: libheif X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security Hi, The following vulnerability was published for libheif. CVE-2020-23109[0]: | Buffer overflow vulnerability in function convert_colorspace in | heif_colorconversion.cc in libheif v1.6.2, allows attackers