Source: gegl Version: 1:0.4.62-2 Severity: grave Tags: security upstream Forwarded: https://gitlab.gnome.org/GNOME/gegl/-/issues/430 X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for gegl. CVE-2025-10921[0]: | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code | Execution Vulnerability I'm not sure on the exploitability, making it RC to be on safe side. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-10921 https://www.cve.org/CVERecord?id=CVE-2025-10921 [1] https://gitlab.gnome.org/GNOME/gegl/-/issues/430 [2] https://gitlab.gnome.org/GNOME/gegl/-/commit/0e68b7471dabf2800d780819c19bd5e6462f565f Please adjust the affected versions in the BTS as needed. Regards, Salvatore
