[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4887/gimp
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 26 21:28:42 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fe9b99df by Salvatore Bonaccorso at 2026-03-26T22:28:03+01:00
Add CVE-2026-4887/gimp
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,11 @@ CVE-2026-4897 (A flaw was found in polkit. A local user can exploit this by prov
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2451739
TODO: check upstream details
CVE-2026-4887 (A flaw was found in GIMP. This issue is a heap buffer over-read in GIM ...)
- TODO: check
+ - gimp <unfixed>
+ [bookworm] - gimp <not-affected> (Vulnerable code introduced later)
+ NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15960
+ NOTE: Introduced with: https://gitlab.gnome.org/GNOME/gimp/-/commit/da217088d0fab77b7a696e782f6e2fb3b597f48f (GIMP_2_99_16)
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/aabce89271a9943a43bda9225aa43fc524f1c8a4 (GIMP_3_2_0)
CVE-2026-4877 (A security flaw has been discovered in itsourcecode Payroll Management ...)
NOT-FOR-US: itsourcecode System
CVE-2026-4876 (A vulnerability was identified in itsourcecode Free Hotel Reservation ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe9b99df2f9aa5b9f7947a7bd20ec0531aa31e8d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe9b99df2f9aa5b9f7947a7bd20ec0531aa31e8d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260326/b1fe0c59/attachment.htm>
More information about the debian-security-tracker-commits
mailing list