-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3945-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 05, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : libheif Version : 1.11.0-1+deb11u2 CVE IDs : CVE-2023-0996 CVE-2023-29659 Debian Bugs : 1032101 1035607 It was discovered that there were two issues in libheif, a decoder and encoder for the HEIF and AVIF image formats that could have been exploited by specially-crafted image files. For Debian 11 bullseye, these problems have been fixed in version 1.11.0-1+deb11u2. We recommend that you upgrade your libheif packages. For the detailed security status of libheif please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libheif Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmcqi0cACgkQHpU+J9Qx HliSug/+P+WXaOurk+4FCYvVhVKp+1uMSJNV2zYm1nU8BT8mFd+euUElPhhVnbDY dVGhJH0OjGjWAzqn1ku67FxylnLP1raBwlpwkeSmhthWgMm++YdDSPr6l8tZ23f8 fA90sHRB7Yek8vWH5q8PoM1ZUZa7ZpsvR58IPK5UcaaEJPqnhDvshWpkM/UsEUuy Qxy4/UZ7aru8LSPqJWIvTPilyJSQwgxKGglfduOYfSpTVKbKMPTi5aecGh4FMY1V J1aTYYvw25nvH1F3PQhxlrlqgA0mWOhTsMm9bYnJyAwOJN9Ahcnl2MaH0eBhSoqS 5Tv2Eq9g5jSME+JWkMi1LfU89rBCz7Vai7vMLjiUc+ZyyBcliJ0judAmra5LXIe6 WTuYsslrgyZ4Sl+E9Tqkf7W1m+gk43+zgdQVmX3gyv9c2qk+vjHrRv2Fo3FYfdPW e6QrNgc45fW1vbArpPMsYWv6JUe8rtVRREluFC3avEwlKPAMEER0qt32bgEEPREo GHy9mpqSMZMjcKtBbUM80ByaAWuY/yVHwih7dY8ZWOYpczc9WnmNIPwvPm+wlzqp /kucPS5oXMB3k5Shdacp7aTsQPstrPeMk85L9eBoueZuoPEnIyTgw7XPA++s4ESp yqzZVmXtO0b8FoVUuqMpBzXJ69BxC/EP0Sg4GV4+TqzK5LmMt5A= =cF0K -----END PGP SIGNATURE-----
