SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-87

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-87

Security update for libheif

Type: security

Severity: moderate

Issued: 2026-01-09

Description:

This update for libheif fixes the following issues:

- CVE-2025-68431: Fixed heap buffer over-read in `HeifPixelImage::overlay()` via crafted HEIF 
  that exercises the overlay image item (bsc#1255735)

References

CVE: CVE-2025-68431
Bugzilla: 1255735 VUL-0: CVE-2025-68431: libheif: heap buffer over-read in `HeifPixelImage::overlay()` via crafted HEIF that exercises the overlay image item

Packages

libheif-1.19.5-150700.3.3.1