[Git][security-tracker-team/security-tracker][master] gimp DSA

Tue, 28 Oct 2025 12:27:55 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c34c30e3 by Moritz Mühlenhoff at 2025-10-28T20:27:02+01:00
gimp DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -45791,7 +45791,6 @@ CVE-2025-6052 (A flaw was found in how GLib\u2019s 
GString manages memory when a
 CVE-2025-6035 (A flaw was found in GIMP. An integer overflow vulnerability 
exists in  ...)
        {DLA-4342-1}
        - gimp 3.0.4-2
-       [bookworm] - gimp <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/13518
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/548bc3a46d54711d974aae9ce1bce291376c0436
 (GIMP_3_0_4)
 CVE-2025-6030 (Use of fixed learning codes, one code to lock the car and the 
other co ...)
@@ -65846,7 +65845,6 @@ CVE-2025-2761 (GIMP FLI File Parsing Out-Of-Bounds 
Write Remote Code Execution V
 CVE-2025-2760 (GIMP XWD File Parsing Integer Overflow Remote Code Execution 
Vulnerabi ...)
        {DLA-4342-1}
        - gimp 3.0.4-3 (bug #1107758)
-       [bookworm] - gimp <no-dsa> (Minor issue)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-203/
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/12790
        NOTE: Original fix incomplete (for 32bit systems):


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[28 Oct 2025] DSA-6043-1 gimp - security update
+       {CVE-2025-2760 CVE-2025-6035 CVE-2025-10922}
+       [bookworm] - gimp 2.10.34-1+deb12u4
 [28 Oct 2025] DSA-6042-1 webkit2gtk - security update
        {CVE-2025-43272 CVE-2025-43342 CVE-2025-43343 CVE-2025-43356 
CVE-2025-43368}
        [bookworm] - webkit2gtk 2.50.1-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -24,8 +24,6 @@ frr/oldstable
 gh/oldstable
   Santiago Vila might work on preparing an update
 --
-gimp/oldstable (jmm)
---
 jackson-core
 --
 libreswan/oldstable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c34c30e3bed3e65be94d5a6d496e6b2e8b472d6c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c34c30e3bed3e65be94d5a6d496e6b2e8b472d6c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to