[Git][security-tracker-team/security-tracker][master] Add new gimp issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 24 08:30:57 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
42ed937b by Salvatore Bonaccorso at 2025-12-24T09:30:25+01:00
Add new gimp issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -125,13 +125,21 @@ CVE-2025-14489 (RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Pr
CVE-2025-14488 (RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privileg ...)
TODO: check
CVE-2025-14425 (GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution ...)
- TODO: check
+ - gimp 3.2.0~RC2-1
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1139/
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd (GIMP_3_2_0_RC1)
CVE-2025-14424 (GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerabili ...)
- TODO: check
+ - gimp 3.2.0~RC2-1
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1138/
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/5cc55d078b7fba995cef77d195fac325ee288ddd (GIMP_3_2_0_RC1)
CVE-2025-14423 (GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Executio ...)
- TODO: check
+ - gimp 3.2.0~RC2-1
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1137/
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521 (GIMP_3_2_0_RC2)
CVE-2025-14422 (GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerabi ...)
- TODO: check
+ - gimp 3.2.0~RC2-1
+ NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1136/
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb (GIMP_3_2_0_RC2)
CVE-2025-14421 (pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information ...)
TODO: check
CVE-2025-14420 (pdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Cod ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42ed937b025a4875a59496080ca8eaceb79d8a27
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42ed937b025a4875a59496080ca8eaceb79d8a27
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251224/1bc83373/attachment.htm>
More information about the debian-security-tracker-commits
mailing list