SUSE-SU-2023:2223-1

Опубликовано: 16 мая 2023

Источник: suse-cvrf

Описание

Security update for libheif

This update for libheif fixes the following issues:

CVE-2023-29659: Fixed segfault caused by divide-by-zero (bsc#1211174).

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

libheif1-1.12.0-150400.3.11.1

openSUSE Leap 15.4

gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1

libheif-devel-1.12.0-150400.3.11.1

libheif1-1.12.0-150400.3.11.1

libheif1-32bit-1.12.0-150400.3.11.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232223-1/
Link for SUSE-SU-2023:2223-1
https://lists.suse.com/pipermail/sle-security-updates/2023-May/014909.html
E-Mail link for SUSE-SU-2023:2223-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1211174
SUSE Bug 1211174
https://www.suse.com/security/cve/CVE-2023-29659/
SUSE CVE CVE-2023-29659 page

Описание

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

Затронутые продукты

SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libheif1-1.12.0-150400.3.11.1

openSUSE Leap 15.4:gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1

openSUSE Leap 15.4:libheif-devel-1.12.0-150400.3.11.1

openSUSE Leap 15.4:libheif1-1.12.0-150400.3.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-29659.html
CVE-2023-29659
https://bugzilla.suse.com/1211174
SUSE Bug 1211174

SUSE-SU-2023:2223-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Desktop Applications 15 SP4

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2023-29659

Описание

Затронутые продукты

Ссылки