[Git][security-tracker-team/security-tracker][master] Update status for gimp issues in unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 30 04:53:28 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
373a95b9 by Salvatore Bonaccorso at 2025-09-30T05:51:08+02:00
Update status for gimp issues in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -695,7 +695,7 @@ CVE-2025-10925 [ZDI-CAN-27793: GIMP ILBM File Parsing Stack-based Buffer Overflo
NOTE: Building of optional Plug-In for Amiga IFF/ILBM not enabled.
CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability]
{DSA-6014-1}
- - gimp <unfixed> (bug #1116461)
+ - gimp 3.0.4-6.1 (bug #1116461)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14813
@@ -704,7 +704,7 @@ CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote Code
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/53b18653bca9404efeab953e75960b1cf7dedbed
CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability]
{DSA-6014-1}
- - gimp <unfixed> (bug #1116460)
+ - gimp 3.0.4-6.1 (bug #1116460)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14812
@@ -713,13 +713,13 @@ CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote Co
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/fb31ddf32298bb2f0f09b3ccc53464b8693a050e
CVE-2025-10922 [ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]
{DSA-6014-1}
- - gimp <unfixed> (bug #1116459)
+ - gimp 3.0.4-6.1 (bug #1116459)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14811
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2444
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/0f309f9a8d82f43fa01383bc5a5c41d28727d9e3
CVE-2025-10920 [ZDI-CAN-27684: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]
{DSA-6014-1}
- - gimp <unfixed> (bug #1116458)
+ - gimp 3.0.4-6.1 (bug #1116458)
[bookworm] - gimp <not-affected> (Vulnerable code not present)
[bullseye] - gimp <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14818
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373a95b94166500724346893aa66661e1b94167c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373a95b94166500724346893aa66661e1b94167c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/b5367115/attachment.htm>
More information about the debian-security-tracker-commits
mailing list