Hi,
Just FYI, there's a bunch of additional fuzz-related fixes in
libheif's upstream git repo. I don't see any assigned CVEs other than
the one you've tagged in this bug, but this heap buffer overflow fix in
particular caught my eye as something we may want to include:
https://github.com/struktu
Source: libheif
Severity: grave
Tags: security
This was assigned CVE-2019-11471:
https://github.com/strukturag/libheif/issues/123
Patch:
https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
Cheers,
Moritz
2 matches
Mail list logo
