Package libheif updated to version 1.15.2-alt1 for branch sisyphus in task 317953.

Published: 2023-05-05

BDU:2023-03407

Уязвимость функции heif::Fraction::round() в box.cc декодера форматов файлов HEIF и AVIF libheif, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

CVE-2023-29659

Published: 2023-05-05
Modified: 2025-01-29

CVE-2023-29659

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

https://github.com/strukturag/libheif/issues/794
https://github.com/strukturag/libheif/issues/794
FEDORA-2023-440c8694e5
FEDORA-2023-440c8694e5
FEDORA-2023-e679ea4fa2
FEDORA-2023-e679ea4fa2

Version: 2.1.0

Package libheif update in sisyphus on 2023-04-03

ALT-PU-2023-1564-1

Closed vulnerabilities

BDU:2023-03407

CVE-2023-29659