[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10923/gimp

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d77d3fcc by Salvatore Bonaccorso at 2025-09-27T14:10:49+02:00
Update status for CVE-2025-10923/gimp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -397,8 +397,11 @@ CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote Code
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/53b18653bca9404efeab953e75960b1cf7dedbed
 CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability]
 	- gimp <unfixed>
+	[bookworm] - gimp <not-affected> (Vulnerable code not present)
+	[bullseye] - gimp <not-affected> (Vulnerable code not present)
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14812
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2445
+	NOTE: Introduced after: https://gitlab.gnome.org/GNOME/gimp/-/commit/d1fac7bfa916495943472dfb12b1dd33307c65e8 (GIMP_2_99_12)
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/fb31ddf32298bb2f0f09b3ccc53464b8693a050e
 CVE-2025-10922 [ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]
 	- gimp <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d77d3fccfefaa44701c9279b3f15085ba42093bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d77d3fccfefaa44701c9279b3f15085ba42093bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250927/a7bb087d/attachment.htm>