Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9a66dd12 by Moritz Muehlenhoff at 2025-06-03T20:19:07+02:00
update gimp references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1432,10 +1432,13 @@ CVE-2025-5222 (A stack buffer overflow was found in
Internationl components for
NOTE: Fixed by:
https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77
(release-77-rc)
CVE-2025-48796 (A flaw was found in GIMP. The GIMP ani_load_image() function
is vulner ...)
- gimp 3.0.0~RC1-4
+ [bookworm] - gimp <not-affected> (Vulnerable code not present)
+ [bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2368559
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/9257
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/879
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/0dc98936a0d9f5a70025f4e9cf321d1118ea500e
(GIMP_2_99_16)
+ NOTE: Introduced in:
https://gitlab.gnome.org/GNOME/gimp/-/commit/aa51b9e19ece8a8c54a513fe33b6d65abcb0fbfb
(GIMP_2_99_12)
CVE-2025-48797 (A flaw was found in GIMP when processing certain TGA image
files. If a ...)
- gimp 3.0.0~RC1-4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2368558
@@ -1444,6 +1447,10 @@ CVE-2025-48797 (A flaw was found in GIMP when processing
certain TGA image files
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/723d383e57e8f599c4a44ab8541ea6902e29579e
(GIMP_3_0_0_RC1)
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/2ba35e5b3d43d881b0623f47b8068d9ee19d1d70
(GIMP_3_0_0_RC1)
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/1f062867172d5c68b858a6efa3011686aa32bb38
(GIMP_3_0_0_RC1)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/8d309dd0385fdd298520b69148542375f56ef977
(gimp-2-10)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/97f8c2e468cffce70c6772e74cbff8eda4e8c180
(gimp-2-10)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/d7f0829ae995ca7ca9c64851a1ed03b11702ef1c
(gimp-2-10)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/ffb7cad1a402377927bc2dc62dad324ae03cec92
(gimp-2-10)
CVE-2025-48798 (A flaw was found in GIMP when processing XCF image files. If a
user op ...)
- gimp 3.0.0~RC1-4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2368557
@@ -1451,6 +1458,8 @@ CVE-2025-48798 (A flaw was found in GIMP when processing
XCF image files. If a u
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/7d949423ed2231dd463968d86b58e0a3e01e6266
(GIMP_3_0_0_RC1)
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/fe26086e16943860f3852120f546ce913a7a73ee
(GIMP_3_0_0_RC1)
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/e7523ed41271e48a909011b8598d496c1be642e2
(GIMP_3_0_0_RC2)
+ NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/ebf0b569a63f15b5dc7532f16936104af1e09f02
(gimp-2-10)
+ NOTE: "xcf-load: avoid use-after-free for layers with multiple
PROP_ACTIVE_LAYER" not needed in 2.10, which only supports one layer
CVE-2025-5198 (A flaw was found in Stackrox, where it is vulnerable to
Cross-site scr ...)
NOT-FOR-US: Stackrox
CVE-2025-5203 (A vulnerability was found in Open Asset Import Library Assimp
5.4.3. I ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a66dd1261bd7c2dce146b6917de74a014054963
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a66dd1261bd7c2dce146b6917de74a014054963
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
