libheif: patch CVE-2025-68431

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-68431 Backport the patch referenced by the NVD advisory. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2026-03-06 19:33:43 +0100
committer: Anuj Mittal <anuj.mittal@oss.qualcomm.com> 2026-03-09 07:49:30 +0530
commit: 7d3016495f194d74b8963d11931daabfb52742f5 (patch)
tree: dd55e1b66d1df437fa0dbbe5c0d1dd54bac1501e
parent: 258cdd1e07fe532fc6e47037707caff792e86cc8 (diff)
download: meta-openembedded-7d3016495f194d74b8963d11931daabfb52742f5.tar.gz
2 files changed, 29 insertions, 1 deletions
diff --git a/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch b/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch
new file mode 100644
index 0000000000..829d94c113
--- /dev/null
+++ b/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch
@@ -0,0 +1,26 @@
+From 6747399f04736d9bc59e36befae2946c448553a5 Mon Sep 17 00:00:00 2001
+From: Dirk Farin <dirk.farin@gmail.com>
+Date: Tue, 11 Nov 2025 19:47:50 +0100
+Subject: [PATCH] fix wrong copy width in overlay images (thanks to Aldo
+ Ristori for reporting this)
+CVE: CVE-2025-68431
+Upstream-Status: Backport [https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ libheif/pixelimage.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/libheif/pixelimage.cc b/libheif/pixelimage.cc
+index b46aaf06..d147f66e 100644
+--- a/libheif/pixelimage.cc
+++ b/libheif/pixelimage.cc
+@@ -1348,7 +1348,7 @@ Error HeifPixelImage::overlay(std::shared_ptr<HeifPixelImage>& overlay, int32_t
+       if (!has_alpha) {
+         memcpy(out_p + out_x0 + (out_y0 + y - in_y0) * out_stride,
+                in_p + in_x0 + y * in_stride,
+-               in_w - in_x0);
+               in_w);
+       }
+       else {
+         for (uint32_t x = in_x0; x < in_w; x++) {
diff --git a/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb b/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb
index b268b37d8e..b9083ddd23 100644
--- a/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb
+++ b/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb
@@ -6,7 +6,9 @@ LICENSE_FLAGS = "commercial"
 COMPATIBLE_MACHINE:powerpc64le = "null"
-SRC_URI = "git://github.com/strukturag/libheif.git;protocol=https;branch=v1.20.x-releases"
+SRC_URI = "git://github.com/strukturag/libheif.git;protocol=https;branch=v1.20.x-releases \
+           file://CVE-2025-68431.patch \
+           "
 SRCREV = "35dad50a9145332a7bfdf1ff6aef6801fb613d68"
author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-03-06 19:33:43 +0100
committer	Anuj Mittal <anuj.mittal@oss.qualcomm.com>	2026-03-09 07:49:30 +0530
commit	7d3016495f194d74b8963d11931daabfb52742f5 (patch)
tree	dd55e1b66d1df437fa0dbbe5c0d1dd54bac1501e
parent	258cdd1e07fe532fc6e47037707caff792e86cc8 (diff)
download	meta-openembedded-7d3016495f194d74b8963d11931daabfb52742f5.tar.gz

diff --git a/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch b/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch new file mode 100644 index 0000000000..829d94c113 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/libheif/libheif/CVE-2025-68431.patch
@@ -0,0 +1,26 @@
		1	From 6747399f04736d9bc59e36befae2946c448553a5 Mon Sep 17 00:00:00 2001
		2	From: Dirk Farin <dirk.farin@gmail.com>
		3	Date: Tue, 11 Nov 2025 19:47:50 +0100
		4	Subject: [PATCH] fix wrong copy width in overlay images (thanks to Aldo
		5	Ristori for reporting this)
		6
		7	CVE: CVE-2025-68431
		8	Upstream-Status: Backport [https://github.com/strukturag/libheif/commit/b8c12a7b70f46c9516711a988483bed377b78d46]
		9	Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
		10	---
		11	libheif/pixelimage.cc \| 2 +-
		12	1 file changed, 1 insertion(+), 1 deletion(-)
		13
		14	diff --git a/libheif/pixelimage.cc b/libheif/pixelimage.cc
		15	index b46aaf06..d147f66e 100644
		16	--- a/libheif/pixelimage.cc
		17	+++ b/libheif/pixelimage.cc
		18	@@ -1348,7 +1348,7 @@ Error HeifPixelImage::overlay(std::shared_ptr<HeifPixelImage>& overlay, int32_t
		19	if (!has_alpha) {
		20	memcpy(out_p + out_x0 + (out_y0 + y - in_y0) * out_stride,
		21	in_p + in_x0 + y * in_stride,
		22	- in_w - in_x0);
		23	+ in_w);
		24	}
		25	else {
		26	for (uint32_t x = in_x0; x < in_w; x++) {


diff --git a/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb b/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb index b268b37d8e..b9083ddd23 100644 --- a/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb +++ b/meta-multimedia/recipes-multimedia/libheif/libheif_1.20.2.bb
@@ -6,7 +6,9 @@ LICENSE_FLAGS = "commercial"
6		6
7	COMPATIBLE_MACHINE:powerpc64le = "null"	7	COMPATIBLE_MACHINE:powerpc64le = "null"
8		8
9	SRC_URI = "git://github.com/strukturag/libheif.git;protocol=https;branch=v1.20.x-releases"	9	SRC_URI = "git://github.com/strukturag/libheif.git;protocol=https;branch=v1.20.x-releases \
		10	file://CVE-2025-68431.patch \
		11	"
10		12
11	SRCREV = "35dad50a9145332a7bfdf1ff6aef6801fb613d68"	13	SRCREV = "35dad50a9145332a7bfdf1ff6aef6801fb613d68"
12		14