UbuntuUpdates.org

Package "gimp"

Name: gimp

Description:

The GNU Image Manipulation Program

Latest version: 2.6.12-1ubuntu1.4
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://www.gimp.org

Other versions of "gimp" in Precise

Repository  Area  Version
base        main  2.6.12-1ubuntu1
security    main  2.6.12-1ubuntu1.4


Changelog

Version: 2.6.12-1ubuntu1.4 2016-07-05 20:06:26 UTC

  gimp (2.6.12-1ubuntu1.4) precise-security; urgency=medium

  * SECURITY UPDATE: issue in XCF channel properties
    - debian/patches/CVE-2016-4994.patch: properly clear pointer in
      app/xcf/xcf-load.c.
    - CVE-2016-4994

 -- Marc Deslauriers <email address hidden> Thu, 30 Jun 2016 12:46:16 -0400

CVE-2016-4994 Use-after-free vulnerabilities in the channel and layer properties parsing process

Version: 2.6.12-1ubuntu1.3 2013-12-09 14:06:46 UTC

  gimp (2.6.12-1ubuntu1.3) precise-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    huge color maps in xwd plugin
    - debian/patches/CVE-2013-1913.patch: limit number of color map entries
      in plug-ins/common/file-xwd.c.
    - CVE-2013-1913
  * SECURITY UPDATE: denial of service and possible code execution via
    large number of color map entries in xwd plugin
    - debian/patches/CVE-2013-1978.patch: validate number of color map
      entries in plug-ins/common/file-xwd.c
    - CVE-2013-1978
 -- Marc Deslauriers <email address hidden> Fri, 06 Dec 2013 13:32:56 -0500

CVE-2013-1913 xwd plugin g_new() integer overflow
CVE-2013-1978 XWD plugin color map heap-based buffer overflow

Version: 2.6.12-1ubuntu1.2 2012-12-10 17:07:23 UTC

  gimp (2.6.12-1ubuntu1.2) precise-security; urgency=low

  * SECURITY UPDATE: code execution via malformed xwd files
    - debian/patches/CVE-2012-5576.patch: validate sizes in
      plug-ins/common/file-xwd.c.
    - CVE-2012-5576
 -- Marc Deslauriers <email address hidden> Thu, 06 Dec 2012 13:32:41 -0500

CVE-2012-5576 gimp: memory corruption vulnerability

Version: 2.6.12-1ubuntu1.1 2012-09-10 15:06:57 UTC

  gimp (2.6.12-1ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via malformed .fit file header
    - debian/patches/CVE-2012-3236.patch: check for valid XTENSION header
      in plug-ins/file-fits/fits-io.c.
    - CVE-2012-3236
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted KiSS palette file
    - debian/patches/CVE-2012-3403.patch: validate return codes and header
      data in plug-ins/common/file-cel.c.
    - CVE-2012-3403
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted GIF image file
    - debian/patches/CVE-2012-3481.patch: validate sizes, and prevent
      overflows in plug-ins/common/file-gif-load.c.
    - CVE-2012-3481
 -- Marc Deslauriers <email address hidden> Wed, 05 Sep 2012 13:39:58 -0400

CVE-2012-3236 fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed X
CVE-2012-3403 Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and poss
CVE-2012-3481 Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote


