Register | Log in

libheif

Choose email to subscribe with

general

source: libheif (main)
version: 1.19.7-1
maintainer: Debian Multimedia Maintainers (archive) (DMD)
uploaders: Joachim Bauch [DMD]
arch: any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.3.2-2~deb10u1
oldstable: 1.11.0-1
old-sec: 1.11.0-1+deb11u2
stable: 1.15.1-1+deb12u1
stable-sec: 1.15.1-1+deb12u1
stable-bpo: 1.19.7-1~bpo12+1
testing: 1.19.7-1
unstable: 1.19.7-1

versioned links

1.3.2-2~deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.11.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.11.0-1+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.15.1-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.19.7-1~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.19.7-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

heif-gdk-pixbuf (1 bugs: 0, 1, 0, 0)
heif-thumbnailer
libheif-dev
libheif-examples
libheif-plugin-aomdec
libheif-plugin-aomenc
libheif-plugin-dav1d
libheif-plugin-ffmpegdec
libheif-plugin-j2kdec
libheif-plugin-j2kenc
libheif-plugin-jpegdec
libheif-plugin-jpegenc
libheif-plugin-kvazaar
libheif-plugin-libde265
libheif-plugin-rav1e
libheif-plugin-svtenc
libheif-plugin-x265
libheif-plugins-all
libheif1 (1 bugs: 0, 1, 0, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-29482: Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265.

Created: 2025-04-08 Last update: 2025-04-22 17:00

3 security issues in bullseye high

There are 3 open security issues in bullseye.

2 important issues:

CVE-2025-43966: libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
CVE-2025-43967: libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.

1 issue postponed or untriaged:

CVE-2025-29482: (postponed; to be fixed through a stable update) Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265.

Created: 2025-04-21 Last update: 2025-04-22 17:00

3 security issues in bookworm high

There are 3 open security issues in bookworm.

2 important issues:

CVE-2025-43966: libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
CVE-2025-43967: libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.

1 issue left for the package maintainer to handle:

CVE-2025-29482: (postponed; to be fixed through a stable update) Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-04-08 Last update: 2025-04-22 17:00

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2024-11-12 Last update: 2025-01-07 21:31

Build log checks report 3 warnings low

Build log checks report 3 warnings

Created: 2024-06-09 Last update: 2024-06-09 17:41

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-03-10 19:32

news

[2025-03-24] Accepted libheif 1.19.7-1~bpo12+1 (source) into stable-backports (Joachim Bauch)
[2025-03-14] libheif 1.19.7-1 MIGRATED to testing (Debian testing watch)
[2025-03-10] Accepted libheif 1.19.7-1 (source) into unstable (Joachim Bauch)
[2025-01-10] libheif 1.19.5-1 MIGRATED to testing (Debian testing watch)
[2025-01-07] Accepted libheif 1.19.5-1 (source) into unstable (Joachim Bauch)
[2024-11-16] Accepted libheif 1.19.3-1~bpo12+1 (source) into stable-backports (Joachim Bauch)
[2024-11-14] libheif 1.19.3-1 MIGRATED to testing (Debian testing watch)
[2024-11-13] Accepted libheif 1.19.1-1~bpo12+2 (source amd64) into stable-backports (Debian FTP Masters) (signed by: Joachim Bauch)
[2024-11-13] Accepted libheif 1.19.1-1~bpo12+1 (source amd64) into stable-backports (Debian FTP Masters) (signed by: Joachim Bauch)
[2024-11-11] Accepted libheif 1.19.3-1 (source) into unstable (Joachim Bauch)
[2024-11-06] libheif 1.19.1-1 MIGRATED to testing (Debian testing watch)
[2024-11-05] Accepted libheif 1.11.0-1+deb11u2 (source) into oldstable-security (Chris Lamb)
[2024-11-04] Accepted libheif 1.19.1-1 (source) into unstable (Joachim Bauch)
[2024-10-26] Accepted libheif 1.15.1-1+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2024-10-25] Accepted libheif 1.15.1-1+deb12u1 (source) into stable-security (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2024-10-22] Accepted libheif 1.11.0-1+deb11u1 (source) into oldstable-security (Chris Lamb)
[2024-09-30] libheif 1.18.2-2 MIGRATED to testing (Debian testing watch)
[2024-09-26] Accepted libheif 1.18.2-2 (source) into unstable (Joachim Bauch)
[2024-09-25] Accepted libheif 1.18.2-1 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Joachim Bauch)
[2024-08-30] libheif 1.18.1-2 MIGRATED to testing (Debian testing watch)
[2024-08-28] Accepted libheif 1.18.1-2 (source) into unstable (Joachim Bauch)
[2024-08-01] Accepted libheif 1.18.1-1 (source) into unstable (Joachim Bauch)
[2024-07-21] libheif 1.17.6-4 MIGRATED to testing (Debian testing watch)
[2024-07-13] Accepted libheif 1.17.6-4 (source arm64) into unstable (Debian FTP Masters) (signed by: Christian Hofstaedtler)
[2024-06-12] libheif 1.17.6-3 MIGRATED to testing (Debian testing watch)
[2024-06-06] Accepted libheif 1.17.6-3 (source) into unstable (Jeremy Bícha) (signed by: Jeremy Bicha)
[2024-06-05] Accepted libheif 1.17.6-2 (source) into unstable (Joachim Bauch)
[2024-01-16] libheif 1.17.6-1 MIGRATED to testing (Debian testing watch)
[2023-12-27] Accepted libheif 1.17.6-1 (source) into unstable (Joachim Bauch) (signed by: Aron Xu)
[2023-12-19] libheif 1.17.4-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (1, 0)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.19.7-1
2 bugs

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing