1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4077-1] gimp security update

    From Salvatore Bonaccorso@1:229/2 to All on Sat Dec 30 18:10:02 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4077-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 30, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gimp
    CVE ID : CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787
    CVE-2017-17788 CVE-2017-17789
    Debian Bug : 884836 884837 884862 884925 884927 885347

    Several vulnerabilities were discovered in GIMP, the GNU Image
    Manipulation Program, which could result in denial of service
    (application crash) or potentially the execution of arbitrary code if
    malformed files are opened.

    For the oldstable distribution (jessie), these problems have been fixed
    in version 2.8.14-1+deb8u2.

    For the stable distribution (stretch), these problems have been fixed in version 2.8.18-1+deb9u1.

    We recommend that you upgrade your gimp packages.

    For the detailed security status of gimp please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/gimp

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlpHxT1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0T4Hg/+OjUfR67t4KA3+42uwUcQYC51mLSjXwbVdA98B+wARNfrngsnxtYoQWyb 7TvjJjsqTljsg5aQgM41hNGCiLDsS1W+tR8y5+HlcDw4qVElFgpmMKZFggFwQiR7 8JzbrlxIfRMraC02pxmSvsMh4WtiXJ0CK+kXP7REFcFCPlBNU7ewh1MipkchU+8t FfpnWv2QzhJQeVklWuChklIc4MDX3RvE82n3ay9f157RbX5tU5Sd081b7OYqntSN ayAbTkmNnbOFbs/iLG54du3vxUub+r+27oWvAVlhjA7b1hYZcusvCCLIXK5uWSer SVna6SwK4WL/GDdjD4My18EoySi0BkNtM8xZXyJ6pqHXa1mzZ4bwCNWSDZ/kALl/ nkZdWzMAjezynipRwlbNsQcjJ2GX7hd8UZFbF30dGXgc9A/lPtcIWSYIDAntM1nc 48gXflUMTy3YZptBlTx5bG9jtamhpCeHd3KEwiWw8XXtZanZ57oCWMlEw+UwAc8x paFEIZ2P+SbtHnc+lQ+3U7ZtJF0CE1cYAqkZIlTNQLw5G383N80Y+OMRfwww08/P PSbUO6KnKhH5tzBfgiZkY1QG23ij8qR8p6sXpPxbyv784s4rkO/kU+8sUQilMphk 2WmBsOYlMsQ91WKTc7MU9mpQi6Dz8EG1bovrZdYw8HUjnkKO8X8=
    =tgMV
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)