stable

libheif-1.17.5-1.fc40

FEDORA-2023-692921aeb2 created by rathann a year ago for Fedora 40

Automatic update for libheif-1.17.5-1.fc40.

Changelog
* Fri Dec 15 2023 Dominik Mierzejewski <dominik@greysector.net> - 1.17.5-2
- Update to 1.17.5 (rhbz#2244583)
- Backport fixes for: CVE-2023-49460 (rhbz#2253575, rhbz#2253576)
                      CVE-2023-49462 (rhbz#2253567, rhbz#2253568)
                      CVE-2023-49463 (rhbz#2253565, rhbz#2253566)
                      CVE-2023-49464 (rhbz#2253562, rhbz#2253563)
- Simplify conditionals for rav1e and svt-av1 encoders
- Enable JPEG2000 and dav1d decoders/encoders

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-692921aeb2

This update was automatically created

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been submitted for stable by bodhi

a year ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
0 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
approved
a year ago
Builds
1
libheif-1.17.5-1.fc40
BZ#2244583 libheif-1.17.5 is available
0
0
BZ#2253562 CVE-2023-49464 libheif: UAF
0
0
BZ#2253563 CVE-2023-49464 libheif: UAF [fedora-all]
0
0
BZ#2253565 CVE-2023-49463 libheif: find_exif_tag SEGV
0
0
BZ#2253566 CVE-2023-49463 libheif: SEGV [fedora-all]
0
0
BZ#2253567 CVE-2023-49462 libheif: read16 segv
0
0
BZ#2253568 CVE-2023-49462 libheif: read16 segv [fedora-all]
0
0
BZ#2253575 CVE-2023-49460 libheif: segmentation violation in decode_uncompressed_image()
0
0
BZ#2253576 TRIAGE CVE-2023-49460 libheif: segmentation violation in decode_uncompressed_image() [fedora-all]
0
0
libheif-1.17.5-1.fc40

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-9b9qs.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy