[Git][security-tracker-team/security-tracker][master] CVE assigned for gimp issue

Fri Jun 6 21:22:13 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bd00b493 by Salvatore Bonaccorso at 2025-06-06T22:21:48+02:00
CVE assigned for gimp issue

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -88,8 +88,6 @@ CVE-2025-5480 (Action1 Uncontrolled Search Path Element Local Privilege Escalati
 	NOT-FOR-US: Action1
 CVE-2025-5474 (2BrightSparks SyncBackFree Link Following Local Privilege Escalation V ...)
 	NOT-FOR-US: 2BrightSparks SyncBackFree
-CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerabi ...)
-	TODO: check
 CVE-2025-5239 (The Domain For Sale plugin for WordPress is vulnerable to Stored Cross ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-5192 (A missing authentication for critical function vulnerability in the cl ...)
@@ -8848,9 +8846,8 @@ CVE-2025-37801 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2025-37800 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.27-1
 	NOTE: https://git.kernel.org/linus/18daa52418e7e4629ed1703b64777294209d2622 (6.15-rc4)
-CVE-2025-XXXX [ZDI-CAN-26752]
+CVE-2025-5473 [ZDI-CAN-26752]
 	- gimp 3.0.2-3.1 (bug #1105005)
-	[bookworm] - gimp 2.10.34-1+deb12u3
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/13910
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/c855d1df60ebaf5ef8d02807d448eb088f147a2b
 CVE-2025-1278 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)


=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
 [06 Jun 2025] DSA-5939-1 gimp - security update
-	{CVE-2025-2760 CVE-2025-2761 CVE-2025-48797 CVE-2025-48798}
+	{CVE-2025-2760 CVE-2025-2761 CVE-2025-5473 CVE-2025-48797 CVE-2025-48798}
 	[bookworm] - gimp 2.10.34-1+deb12u3
 [06 Jun 2025] DSA-5938-1 python-tornado - security update
 	{CVE-2025-47287}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd00b493e0a059bd38285ad2ad93f371f44bba1d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd00b493e0a059bd38285ad2ad93f371f44bba1d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250606/e8b2dd9f/attachment.htm>
