Advisories ยป MGASA-2019-0290

Updated libheif packages fix security vulnerability

Publication date: 27 Sep 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-11471

Description

libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::
set_alpha_channel in heif_context.h because heif_context.cc mishandles
references to non-existing alpha images (CVE-2019-11471).

Also, imagemagick has been updated to 7.0.8.62 to fix various bugs.
                

References

SRPMS

7/tainted

7/core