[Git][security-tracker-team/security-tracker][master] Add references to upstream issues for gimp issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 24 21:22:09 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
259b7a62 by Salvatore Bonaccorso at 2025-12-24T22:21:22+01:00
Add references to upstream issues for gimp issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1848,18 +1848,22 @@ CVE-2025-14488 (RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Pr
CVE-2025-14425 (GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution ...)
- gimp 3.2.0~RC2-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1139/
+ NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15285
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd (GIMP_3_2_0_RC1)
CVE-2025-14424 (GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerabili ...)
- gimp 3.2.0~RC2-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1138/
+ NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15288
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/5cc55d078b7fba995cef77d195fac325ee288ddd (GIMP_3_2_0_RC1)
CVE-2025-14423 (GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Executio ...)
- gimp 3.2.0~RC2-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1137/
+ NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15292
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521 (GIMP_3_2_0_RC2)
CVE-2025-14422 (GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerabi ...)
- gimp 3.2.0~RC2-1
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1136/
+ NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15286
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb (GIMP_3_2_0_RC2)
CVE-2025-14421 (pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read Information ...)
NOT-FOR-US: pdfforge PDF Architect
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/259b7a6296aafa5e654ff58fedb843be7d95756a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/259b7a6296aafa5e654ff58fedb843be7d95756a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251224/6ee7fae9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list