Package "gimp-data"
Name: |
gimp-data
|
Description: |
Data files for GIMP
|
Latest version: |
2.10.30-1ubuntu0.1 |
Release: |
jammy (22.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
gimp |
Homepage: |
https://www.gimp.org/ |
Links
Download "gimp-data"
Other versions of "gimp-data" in Jammy
Changelog
gimp (2.10.30-1ubuntu0.1) jammy-security; urgency=medium
[ LuÃs Infante da Câmara ]
* SECURITY UPDATE: Buffer overflow leading to insufficient memory or
program crash via a crafted XCF file (LP: #1982422)
- debian/patches/CVE-2022-30067.patch: Stop loading paths and skip to
the next property when xcf_old_path fails.
- CVE-2022-30067
* SECURITY UPDATE: Denial of service via a crafted XCF file
(LP: #1982422)
- debian/patches/CVE-2022-32990-1.patch: Check maximum dimensions when
loading XCF files.
- debian/patches/CVE-2022-32990-2.patch: Check for invalid offsets when
loading XCF files.
- debian/patches/CVE-2022-32990-3.patch: Return TRUE in
gimp_channel_is_empty when channel is NULL.
- CVE-2022-32990
[ Marc Deslauriers ]
* SECURITY UPDATE: DDS File Parsing Heap-based Buffer Overflow
- debian/patches/CVE-2023-44441-1.patch: verify header information in
plug-ins/file-dds/ddsread.c.
- debian/patches/CVE-2023-44441-2.patch: fix checks in
plug-ins/file-dds/ddsread.c.
- debian/patches/CVE-2023-44441-3.patch: add additional fixes in
plug-ins/file-dds/ddsread.c.
- CVE-2023-44441
* SECURITY UPDATE: PSD File Parsing Heap-based Buffer Overflow
- debian/patches/CVE-2023-44442.patch: add missing break statement in
plug-ins/file-psd/psd-util.c.
- CVE-2023-44442
* SECURITY UPDATE: PSP File Parsing Integer Overflow and Off-By-One
- debian/patches/CVE-2023-44443_44444.patch: check
color_palette_entries and fix buffer size in
plug-ins/common/file-psp.c.
- CVE-2023-44443
- CVE-2023-44444
-- Marc Deslauriers <email address hidden> Tue, 28 Nov 2023 07:38:10 -0500
|
1982422 |
Multiple vulnerabilities in Focal and Jammy |
CVE-2022-30067 |
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, result |
CVE-2022-32990 |
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a |
CVE-2023-44441 |
GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVE-2023-44442 |
GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
CVE-2023-44443 |
GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability |
CVE-2023-44444 |
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability |
|
About
-
Send Feedback to @ubuntu_updates