Package "libgimp2.0-doc"
Name: |
libgimp2.0-doc
|
Description: |
Developers' Documentation for the GIMP library
|
Latest version: |
2.8.10-0ubuntu1.2 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Head package: |
gimp |
Homepage: |
http://www.gimp.org/ |
Links
Download "libgimp2.0-doc"
Other versions of "libgimp2.0-doc" in Trusty
Changelog
gimp (2.8.10-0ubuntu1.2) trusty-security; urgency=medium
* SECURITY UPDATE: Heap-buffer over-read in load_image file-gbr.c
- debian/patches/CVE-2017-17784.patch: fix in plug-ins/common/file-gbr.c.
- CVE-2017-17784
* SECURITY UPDATE: Heap-based buffer overflow in fli_read_brun function
- debian/patches/CVE-2017-17785.patch: fix in plug-ins/file-fli/fli.c.
- CVE-2017-17785
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2017-17786.patch: fix in plug-ins/common/file-tga.c.
- CVE-2017-17786
* SECURITY UPDATE: Heap-based buffer over-read in read_creator_block
- debian/patches/CVE-2017-17787.patch: fix in plug-ins/common/file-psp.c.
- CVE-2017-17787
* SECURITY UPDATE: Stack-based buffer over-read in xcf_load_stream
- debian/patches/CVE-2017-17788.patch: fix in app/xcf/xcf.c.
- CVE-2017-17788
* SECURITY UPDATE: Heap-based buffer overflow in read_channel_data
- debian/patches/CVE-2017-17789.patch: fix in plug-ins/common/file-psp.c.
- CVE-2017-17789
-- <email address hidden> (Leonidas S. Barbosa) Thu, 18 Jan 2018 13:03:13 -0300
|
Source diff to previous version |
CVE-2017-17784 |
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling o |
CVE-2017-17785 |
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. |
CVE-2017-17786 |
In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits- |
CVE-2017-17787 |
In GIMP 2.8.22, there is a heap-based buffer over-read in read_creator_block in plug-ins/common/file-psp.c. |
CVE-2017-17788 |
In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. |
CVE-2017-17789 |
In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. |
|
gimp (2.8.10-0ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: multiple issues in XCF channel and layer properties
- debian/patches/CVE-2016-4994.patch: properly clear pointers in
app/xcf/xcf-load.c.
- CVE-2016-4994
-- Marc Deslauriers <email address hidden> Thu, 30 Jun 2016 12:41:29 -0400
|
CVE-2016-4994 |
Use-after-free vulnerabilities in the channel and layer properties parsing process |
|
About
-
Send Feedback to @ubuntu_updates