[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libheif issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun May 24 20:35:56 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8fb029bb by Salvatore Bonaccorso at 2026-05-24T21:35:28+02:00
Add Debian bug references for libheif issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -246,10 +246,10 @@ CVE-2026-41074 (RT is an open source, enterprise-grade issue and ticket tracking
 	- request-tracker4 <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/bestpractical/rt/security/advisories/GHSA-265j-qx4w-256j
 CVE-2026-41071 (libheif is a HEIF and AVIF file format decoder and encoder. In version ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-xj92-xjff-h8w3
 CVE-2026-41069 (libheif is a HEIF and AVIF file format decoder and encoder. In version ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-p82x-fpmv-576r
 CVE-2026-40864 (JupyterHub is software that allows users to create a multi-user server ...)
 	- jupyterhub <unfixed>
@@ -1900,26 +1900,26 @@ CVE-2026-33633 (Kitty is a cross-platform GPU based terminal. Versions 0.46.2 an
 	NOTE: https://github.com/kovidgoyal/kitty/security/advisories/GHSA-j68c-v8x4-269g
 	NOTE: Fixed by: https://github.com/kovidgoyal/kitty/commit/48ab623f594d60dbbfb1e767d9686d380ce547fb (v0.47.0)
 CVE-2026-32882 (libheif is a HEIF and AVIF file format decoder and encoder. Versions 1 ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-hg7q-rjr2-8x46
 CVE-2026-32814 (libheif is a HEIF and AVIF file format decoder and encoder. In version ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-4m8r-34pg-rvwc
 	NOTE: https://github.com/strukturag/libheif/commit/724ad42638c025993a0de8b53b180e465397c500 (v1.22.0)
 CVE-2026-32741 (libheif is a HEIF and AVIF file format decoder and encoder. Versions 1 ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-j3w5-7whq-p37q
 	NOTE: https://github.com/strukturag/libheif/commit/123694271ac02f2de68a3ccdc5d483eb8a2ae593 (v1.22.0)
 CVE-2026-32740 (libheif is a HEIF and AVIF file format decoder and encoder. Versions 1 ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-frfr-f3vg-2g6j
 	NOTE: https://github.com/strukturag/libheif/commit/6721f307ad684804b735e917dde7d372c5faae31 (v1.22.0)
 CVE-2026-32739 (libheif is a HEIF and AVIF file format decoder and encoder. In version ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-j9g7-q9hv-gq8c
 	NOTE: https://github.com/strukturag/libheif/commit/723b58d6ca329b2743822951aeaf3299c7410448 (v1.22.0)
 CVE-2026-32738 (libheif is a HEIF and AVIF file format decoder and encoder. In version ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1137524)
 	NOTE: https://github.com/strukturag/libheif/security/advisories/GHSA-7f2h-cmpf-v9ww
 	NOTE: https://github.com/strukturag/libheif/commit/bdaa37728442800497ea224bd232ca25e2f9bdff (v1.22.0)
 CVE-2026-32134 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform.  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fb029bba3d3e8ce904bc33befbc563176a62324

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fb029bba3d3e8ce904bc33befbc563176a62324
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260524/0de44967/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list