Updated libheif packages fix security vulnerability
Publication date: 15 Apr 2023Modification date: 15 Apr 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-0996
Description
Vulnerability in the strided image data parsing code in the emscripten
wrapper for libheif. An attacker could exploit this through a crafted
image file to cause a buffer overflow in linear memory during a memcpy
call. (CVE-2023-0996)
References
SRPMS
8/tainted
- libheif-1.10.0-1.2.mga8.tainted
8/core
- libheif-1.10.0-1.2.mga8