[Git][security-tracker-team/security-tracker][master] Add Debian bug references for gimp issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Sep 27 16:22:21 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bf9e209f by Salvatore Bonaccorso at 2025-09-27T17:22:10+02:00
Add Debian bug references for gimp issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -388,7 +388,7 @@ CVE-2025-10925 [ZDI-CAN-27793: GIMP ILBM File Parsing Stack-based Buffer Overflo
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/002b22c15028b18557bd0823a081af9ed5316679
NOTE: Building of optional Plug-In for Amiga IFF/ILBM not enabled.
CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability]
- - gimp <unfixed>
+ - gimp <unfixed> (bug #1116461)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14813
@@ -396,7 +396,7 @@ CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote Code
NOTE: Introduced after: https://gitlab.gnome.org/GNOME/gimp/-/commit/d1864866ee051160d06417d82b45bb22b11f0d28 (GIMP_2_99_18)
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/53b18653bca9404efeab953e75960b1cf7dedbed
CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability]
- - gimp <unfixed>
+ - gimp <unfixed> (bug #1116460)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14812
@@ -404,12 +404,12 @@ CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote Co
NOTE: Introduced after: https://gitlab.gnome.org/GNOME/gimp/-/commit/d1fac7bfa916495943472dfb12b1dd33307c65e8 (GIMP_2_99_12)
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/fb31ddf32298bb2f0f09b3ccc53464b8693a050e
CVE-2025-10922 [ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]
- - gimp <unfixed>
+ - gimp <unfixed> (bug #1116459)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14811
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2444
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/0f309f9a8d82f43fa01383bc5a5c41d28727d9e3
CVE-2025-10920 [ZDI-CAN-27684: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]
- - gimp <unfixed>
+ - gimp <unfixed> (bug #1116458)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14818
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf9e209f75e1290b1e34f3376252e04ad14d2529
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf9e209f75e1290b1e34f3376252e04ad14d2529
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250927/cc7ec59a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list