libheif (1.11.0-1+deb11u2) bullseye-security; urgency=high * Non-maintainer upload by the Debian LTS team. * CVE-2023-0996: Fix an issue in the strided image data parsing code whereby an attacker could use a specially-crafted image file to cause a buffer overflow via a memcpy call. (Closes: #1032101) * CVE-2023-29659: Prevent an issue where a floating point exception / segfault could have been exploited by a specially-crafted image through the the Fraction::round() function. (Closes: #1035607) -- Chris Lamb Tue, 05 Nov 2024 13:07:00 -0800 libheif (1.11.0-1+deb11u1) bullseye-security; urgency=high * Non-maintainer upload by the Debian LTS team. * CVE-2024-41311: Prevent a potential out-of-bounds read vulnerability caused by insufficient checks in ImageOverlay::parse(), where an overlay image with forged offsets could have led to undefined behaviour. -- Chris Lamb Tue, 22 Oct 2024 15:47:22 -0700 libheif (1.11.0-1) unstable; urgency=medium * Imported Upstream version 1.11.0 * Remove patch applied upstream. * Update symbols for new upstream version. -- Joachim Bauch Tue, 02 Feb 2021 10:28:05 +0100 libheif (1.10.0-2) unstable; urgency=medium * Team upload * debian/control: Add missing Depends to libheif-dev (Closes: #978176) * debian/patches: Initialize valid_values to nullptr -- Sebastian Ramacher Sat, 02 Jan 2021 15:23:12 +0100 libheif (1.10.0-1) unstable; urgency=medium * Imported Upstream version 1.10.0 * Update "Standards-Version" to 4.5.1 * Remove patch applied upstream. * Update symbols for new upstream version. -- Joachim Bauch Wed, 16 Dec 2020 17:23:17 +0100 libheif (1.9.1-1) unstable; urgency=medium * Imported Upstream version 1.9.1 * Update symbols for new upstream version. * Build with libde265 >= 1.0.7 to get NCLX API. * Update to debhelper compat level 13. * Add patch to support building against system-installed dav1d. * Build with "libdav1d-dev" to get faster AVIF decoder. -- Joachim Bauch Mon, 28 Sep 2020 09:27:40 +0200 libheif (1.8.0-1) unstable; urgency=medium * Add "Rules-Requires-Root", no root necessary. * Imported Upstream version 1.8.0 * Update symbols for new upstream version. * Build with "libaom-dev" to get AVIF support. * Update "Standards-Version" to 4.5.0 -- Joachim Bauch Thu, 27 Aug 2020 16:07:58 +0200 libheif (1.6.1-1) unstable; urgency=medium * Imported Upstream version 1.6.1 -- Joachim Bauch Fri, 20 Dec 2019 10:31:19 +0100 libheif (1.6.0-1) unstable; urgency=medium [ Ondřej Nový ] * Bump Standards-Version to 4.4.1 [ Joachim Bauch ] * Imported Upstream version 1.6.0 * Update symbls for new upstream version. * Install man pages. -- Joachim Bauch Fri, 08 Nov 2019 14:23:21 +0100 libheif (1.5.1-1) unstable; urgency=medium * Imported Upstream version 1.5.1 * Update to debhelper compat level 12 and add debian/not-installed * Enable hardening. * Stop parsing changelog manually. * Fix "get-head-source" and don't include date in filename. * Specify "Build-Depends-Package" in symbols. -- Joachim Bauch Fri, 30 Aug 2019 10:30:36 +0200 libheif (1.5.0-1) unstable; urgency=medium [ Ondřej Nový ] * Use debhelper-compat instead of debian/compat * Bump Standards-Version to 4.4.0 [ Joachim Bauch ] * Imported Upstream version 1.5.0 * Update symbols for new upstream version. * Add copyright entries for new files in test/ * Add missing copyright entry for files in scripts/ * The examples are MIT licensed since 1.4.0 * Remove patches no longer needed (fixed upstream). [ Mattia Rizzolo ] * Drop now unneeded debian/source/include-binaries -- Joachim Bauch Fri, 16 Aug 2019 16:29:09 +0200 libheif (1.4.0-2) unstable; urgency=medium * Team upload. * Upload to unstable. * debian/patches: Apply upstream fixes for CVE-2019-11471. (Closes: #928210) -- Sebastian Ramacher Sat, 06 Jul 2019 15:37:07 +0200 libheif (1.4.0-1) experimental; urgency=medium * Imported Upstream version 1.4.0 * Add new package containing the gdk-pixbuf loader. * Update "Standards-Version" to 4.3.0 * Update symbols for new upstream version. -- Joachim Bauch Tue, 02 Apr 2019 10:17:10 +0200 libheif (1.3.2-1) unstable; urgency=medium * Imported Upstream version 1.3.2 * Update "Standards-Version" to 4.1.4 * Update symbols for new upstream version. -- Joachim Bauch Thu, 21 Jun 2018 15:40:05 +0200 libheif (1.2.0-1) unstable; urgency=medium [ Ondřej Nový ] * d/copyright: Use https protocol in Format field [ Joachim Bauch ] * Imported Upstream version 1.2.0 * Remove patch now in upstream. * Update symbols for new upstream version. * Add new package "heif-thumbnailer". -- Joachim Bauch Mon, 28 May 2018 16:12:56 +0200 libheif (1.1.0-2) unstable; urgency=medium * Add patch to fix compile errors on mips, ppc and other platforms. -- Joachim Bauch Thu, 19 Apr 2018 09:04:15 +0200 libheif (1.1.0-1) unstable; urgency=medium [ Joachim Bauch ] * d/control: Set Maintainer to Debian Multimedia Maintainers * d/control: Set Vcs-* to salsa.debian.org [ Felipe Sateler ] * Change maintainer address to debian-multimedia@lists.debian.org [ Joachim Bauch ] * Use default branch/tag names. * Imported Upstream version 1.1.0 * Add dependency on "libx265-dev". * Update symbols for new upstream version. -- Joachim Bauch Wed, 18 Apr 2018 16:28:10 +0200 libheif (1.0.0-1) unstable; urgency=medium * Initial release. (Closes: #888278) -- Joachim Bauch Sun, 18 Mar 2018 14:55:50 +0100