libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.Referenceshttps://github.com/strukturag/libde265/issues/238https://lists.debian.org/debian-lts-announce/2023/01/msg00020.htmlhttps://www.debian.org/security/2023/dsa-5346
