Описание
Security update for libheif
This update for libheif fixes the following issues:
- CVE-2023-29659: Fixed segfault caused by divide-by-zero (bsc#1211174).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
libheif1-1.12.0-150400.3.11.1
SUSE Linux Enterprise Module for Package Hub 15 SP5
gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1
libheif-devel-1.12.0-150400.3.11.1
openSUSE Leap 15.5
gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1
libheif-devel-1.12.0-150400.3.11.1
libheif1-1.12.0-150400.3.11.1
libheif1-32bit-1.12.0-150400.3.11.1
Ссылки
- Link for SUSE-SU-2023:2223-2
- E-Mail link for SUSE-SU-2023:2223-2
- SUSE Security Ratings
- SUSE Bug 1211174
- SUSE CVE CVE-2023-29659 page
Описание
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libheif1-1.12.0-150400.3.11.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:libheif-devel-1.12.0-150400.3.11.1
openSUSE Leap 15.5:gdk-pixbuf-loader-libheif-1.12.0-150400.3.11.1
Ссылки
- CVE-2023-29659
- SUSE Bug 1211174