* Tue Jan 06 2026 pgajdos@suse.com
- security update
- added patches
CVE-2025-68431 [bsc#1255735], heap buffer over-read in `HeifPixelImage::overlay()` via crafted HEIF that exercises the overlay image item
* libheif-CVE-2025-68431.patch
* Thu Dec 12 2024 pgajdos@suse.com
- complete rpm changelog:
* 0.18.0 fixed CVE-2023-0996 [bsc#1208640] and
CVE-2024-41311 [bsc#1231714]
* 1.15.2 fixed CVE-2023-29659 [bsc#1211174]
* Wed Nov 20 2024 suse+build@de-korte.org
- update to 1.19.5:
* fix heif_image_handle_is_premultiplied_alpha() #1394
- update to 1.19.4:
* fix crash when encoding tiled unci images
* fix crash in heif_context_encode_grid()
* fix querying the preferred colorspace for monochroma AVIF files
* error when using a chroma format or bit depth that is not supported
by the Kvazaar plugin
* output proper error message when memory allocation failed and use
adapted security limits
* heif-dec: do not show progress with option --quiet it given
* Fri Nov 15 2024 suse+build@de-korte.org
- Fix build for Tumbleweed
* Thu Nov 14 2024 dmueller@suse.com
- cleanup
* Wed Nov 13 2024 pgajdos@suse.com
- build for 15:
* openjpeg only for 16+
* require correct gcc version
* Tue Nov 12 2024 suse+build@de-korte.org
- update to 1.19.3:
* fixes a race condition that may lead to some image tiles not being
included in the output image (#1379)
* fix a potential crash when querying overlay image information
* Wed Nov 06 2024 suse+build@de-korte.org
- update to 1.19.2:
* fix DLL symbol export for non MSVC-compilers on Windows
* fix running the unit tests from the build directory when building
with plugins
* switch to catch2 testing framework. We can now check for prerequisites
at runtime and skip tests accordingly
- Remove patch that is no longer needed
- only-run-test-when-HEVC-encoder-available.patch
* Sat Nov 02 2024 suse+build@de-korte.org
- update to 1.19.1:
* Fixes backwards compatibility of heif_context_set_maximum_image_size_limit()
- update to 1.19.0:
* The major new feature in this decoding separate tiles of images and
also encoding an image tile by tile. This allows to process
high-resolution images that do not fit into memory. We support three
tiling methods:
- grid, which is the default tiling method used in most existing
HEIC or AVIF images.
- unci, which is the built-in tiling method of the ISO 23001-17
uncompressed codec.
- tili, which is a proprietary scheme with much less overhead than
grid and which supports efficient streaming of high-resolution
images over networks without having to download huge amounts of
metadata. It also supports much larger images than possible with
grid. As an extra, it supports the processing of multi-dimensional
images, like 3D image cubes, or image sets addressed by several
parameter dimensions.
* decoding is faster, especially if you let libheif decide on the best
colorspace to work in by passing heif_colorspace_unknown and
heif_chroma_unknown to heif_decode_image(). It will then use the
input colorspace and avoid unnecessary conversions.
* support for multi-resolution pyramids (pymd) to show downscaled
versions of high-resolution images
* improved reader interface that enables to connect libheif to a
network source. Libheif will request the portions of the image file
that have to be downloaded from the server. This is especially
useful in connection with the tiling / multi-resolution pyramid
feature.
* function to generate overlay images
* decoding progress is signaled to the client application and decoding
can be cancelled
* decoding of AVC encoded images through OpenH264
* security limits can be changed to be able to read very large images
- Skip test when HEVC encoder is unavailable
+ only-run-test-when-HEVC-encoder-available.patch
* Mon Oct 21 2024 pgajdos@suse.com
- build *-test subpackage with multibuild for running the test suite
- added sources
+ _multibuild
* Mon Aug 19 2024 manfred.h@gmx.net
- Add heif-convert to the files list of the heif-examples sub-package
* Thu Aug 08 2024 suse+build@de-korte.org
- update to 1.18.2:
* fix regression that Exif orientation was not correctly reset when
converting rotated HEIF (heif-dec)
* swap Exif width/height when rotating image by 90 degrees
* fix memory leak in OpenJPEG decoding plugin
* pay attention to DESTDIR variable when installing heif-convert symlink
* Sat Jul 27 2024 rrahl0@opensuse.org
- update to 1.18.1:
* Fix libbrotlidec pkg-config requires
* tiff: Fix wrong type for "seekTIFF" function.
* fix 32bit compiler warnings in box.cc
* fix memory leaks in Brotli decoder
* Wed Jul 10 2024 suse+build@de-korte.org
- update to 1.18.0:
* now reads images generated by iOS 18
* heif-convert has been renamed to heif-dec
* encoding: property item boxes with identical content are reused
* support ISO 23001-17 version 1 uncC minimized headers
* support ISO 23001-17 images with 'deflate', 'zlib' and Brotli
compression
* heif-enc can read TIFF images
* API functions to read/write raw items and item properties
* many bug fixes and smaller enhancements
- Remove libheif-svtav1.patch: no longer needed
* Thu Apr 18 2024 dimstar@opensuse.org
- Add libheif-svtav1.patch: Fix compilation with libsvtav1 2.0.0.
* Wed Jan 03 2024 dmueller@suse.com
- update to 1.17.6:
* A couple of build fixes and bug fixes detected by fuzzing.
* Corrects these issues:
* CVE-2023-49462 - #1043
* CVE-2023-49463 - #1042
- drop libheif-CVE-2023-49462.patch,
libheif-CVE-2023-49464.patch,
libheif-CVE-2023-49460.patch: upstream
* Tue Dec 19 2023 pgajdos@suse.com
- security update
- added patches
fix CVE-2023-49460 [bsc#1217902], segmentation violation in decode_uncompressed_image()
+ libheif-CVE-2023-49460.patch
* Mon Dec 18 2023 olaf@aepfle.de
- sync ExclusiveArch with SVT-AV1
- move HEIF plugins from examples to separate package
- make sure all subpackages use the same libheif1 ABI
* Tue Dec 12 2023 olaf@aepfle.de
- remove usage of presets to allow any cmake
- remove plugin conditional, to provide plugins on Leap as well
- remove rav1e conditional, because it is always available
* Mon Dec 11 2023 pgajdos@suse.com
- security update
- added patches
fix CVE-2023-49462 [bsc#1217898], read16 segv
+ libheif-CVE-2023-49462.patch
fix CVE-2023-49464 [bsc#1217900], UAF
+ libheif-CVE-2023-49464.patch
Version: 1.12.0-150400.3.11.1
* Thu May 11 2023 pgajdos@suse.com
- security update
- added patches
fix CVE-2023-29659 [bsc#1211174], segfault caused by divide-by-zero
+ libheif-CVE-2023-29659.patch
* Fri Feb 24 2023 pgajdos@suse.com
- security update
- added patches
fix CVE-2023-0996 [bsc#1208640], buffer overflow in heif_js_decode_image in libheif
+ libheif-CVE-2023-0996.patch
* Fri May 27 2022 sbrabec@suse.com
- Add missing gdk-pixbuf loader scriptlets (bsc#1199987).
* Fri Jun 11 2021 bjorn.lie@gmail.com
- Update to version 1.12.0:
+ Check for MIAF conformance and add as compatible brand.
+ Signaling of premultiplied alpha.
+ Parse AV1 obu_sequence_header for av1C box.
+ Write pixi box in AVIFs.
+ Save alpha as monochrome in AVIF if possible.
+ Many build fixes.
* Wed Apr 07 2021 dmueller@suse.com
- update to 1.11.0:
* fix writing ispe box in HEIFs
* nclx output profile encoding parameters
* change the way nclx profiles is written so that macOS can read them
* API for listing file brands and checking file type
* fix heif_image_handle_get_depth_image_representation_info()
* Fri Jan 08 2021 dimstar@opensuse.org
- Add baselibs.conf: generate libheif1-32bit, which is a new
dependency for ImageMagick-32bit after that one now enabled
libheif support.
* Fri Dec 25 2020 bjorn.lie@gmail.com
- Build with dav1d and rav1e support, do this via:
+ Add pkgconfig(dav1d) BuildRequires.
+ Add conditional pkgconfig(rav1e) BuildRequires (currently
Tumbleweed only).
- Drop libheif-lang Recommends: Package does not exist.
* Tue Oct 13 2020 asn@cryptomilk.org
- Fix the License
* Mon Oct 12 2020 asn@cryptomilk.org
- Only build with AV1-AVIF support
- Update to version 1.9.1
* https://github.com/strukturag/libheif/releases/tag/v1.9.1
- fixed CVE-2020-23109 [bsc#1192382]
(bca0162018df9a32d21c05aad1fa203881fa7813)
Version: 1.11.0-bp153.1.1
* Wed Apr 07 2021 Dirk Müller <dmueller@suse.com>
- update to 1.11.0:
* fix writing ispe box in HEIFs
* nclx output profile encoding parameters
* change the way nclx profiles is written so that macOS can read them
* API for listing file brands and checking file type
* fix heif_image_handle_get_depth_image_representation_info()
* Fri Jan 08 2021 Dominique Leuenberger <dimstar@opensuse.org>
- Add baselibs.conf: generate libheif1-32bit, which is a new
dependency for ImageMagick-32bit after that one now enabled
libheif support.
* Fri Dec 25 2020 Bjørn Lie <bjorn.lie@gmail.com>
- Build with dav1d and rav1e support, do this via:
+ Add pkgconfig(dav1d) BuildRequires.
+ Add conditional pkgconfig(rav1e) BuildRequires (currently
Tumbleweed only).
- Drop libheif-lang Recommends: Package does not exist.
* Thu Dec 17 2020 malcolmlewis@opensuse.org
- Re-download tarball and check with osc service runall
download_files, all ok.
* Wed Dec 16 2020 malcolmlewis@opensuse.org
- Updated to version 1.10.0:
* New API: may access all (vendor-dependent) auxiliary images
(e.g. hdrgainmap, semanticskinmatte, ...).
* When ICC profile is present, will now write two color boxes
(nclx and ICC) into AVIF files. Also reads files with two color
boxes.
* Alpha image is now saved as monochrome.
* Loading of 16bit greyscale PNGs in heif_enc.
* Deprecated heif_enc option "-E".
* Remove dependency on alloca().
* Bug fixes.
* Sun Nov 01 2020 malcolmlewis@opensuse.org
- Add build condition to enable additional options, codecs and
example binaries.
- Remove rav1e and dav1d support for the moment as still WIP.
* Tue Oct 13 2020 Andreas Schneider <asn@cryptomilk.org>
- Fix the License
* Mon Oct 12 2020 Andreas Schneider <asn@cryptomilk.org>
- Only build with AV1-AVIF support
- Update to version 1.9.1
* https://github.com/strukturag/libheif/releases/tag/v1.9.1
* Sun Jul 08 2018 plinnell@opensuse.org
- initial package for 1.3.2