Login


 
Newsletter
Werbung
Sicherheit: Pufferüberlauf in GIMP
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in GIMP
ID: FEDORA-2013-2000
Distribution: Fedora
Plattformen: Fedora 17
Datum: Do, 21. Februar 2013, 09:18
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576

Originalnachricht

Name        : gimp
Product : Fedora 17
Version : 2.8.4
Release : 1.fc17
URL : http://www.gimp.org/
Summary : GNU Image Manipulation Program
Description :
GIMP (GNU Image Manipulation Program) is a powerful image composition and
editing program, which can be extremely useful for creating logos and other
graphics for webpages. GIMP has many of the tools and filters you would expect
to find in similar commercial offerings, and some interesting extras as well.
GIMP provides a large image manipulation toolbox, including channel operations
and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all
with multi-level undo.

-------------------------------------------------------------------------------
-
Update Information:

Among other things this update fixes a vulnerability with corrupt XWD files and
a crash with newer versions of fontconfig when gimp is quit.

Overview of Changes from GIMP 2.8.2 to GIMP 2.8.4
=================================================


GUI:

- Better names for the default filters in save and export
- Make tool drawing (esp. the brush outline) much more responsive
- Remember the "maximized" state across sessions
- Simplify the splash image code a lot, makes it appear immediately again
- Allow the text tool to start on an image without layers
- Various fixes for text style attribute handling
- Set unconfigured input devices to eraser if GTK+ says they are erasers


Libgimp:

- Make libgimp drawable combo boxes aware of layer groups
- Fix item width in GimpPageSelector (used e.g. in PDF import)


Plug-ins:

- Better default values in the Drop Shadow script
- Fix a whole bunch of bugs in the BMP plug-in


General:

- Lots of bug fixes
- Lots of translation updates
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Feb 6 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.4-1
- version 2.8.4
* Mon Jan 28 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.2-7
- build with -fno-strict-aliasing
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 2:2.8.2-6.1
- rebuild due to "jpeg8-ABI" feature drop
* Wed Nov 21 2012 Nils Philippsen <nils@redhat.com>
- make rpmlint happy again
* Mon Nov 19 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-6
- fix gimprc syntax error introduced in previous patch
* Thu Nov 15 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-5
- try using the system monitor profile for color management by default (patch
by Richard Hughes)
* Wed Nov 14 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-4
- fix marking file dialogs as transient if opened from context menu (#835736)
* Tue Nov 13 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-3
- don't trip over too much installed memory, reenable all tests
- realign selection after "Crop to Selection" (#873212, fix by Michael
Natterer)
* Sat Oct 20 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-2
- run "make check", skip problematic tests
- don't build help browser on EL
* Fri Aug 24 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.2-1
- version 2.8.2
* Mon Aug 20 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.0-3
- fix crash in fits loader (#834627)
- fix overflow in CEL plug-in (CVE-2012-3403)
- fix overflow in GIF loader (CVE-2012-3481)
* Thu Jul 19 2012 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 2:2.8.0-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 25 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.0-2
- build with poppler >= 0.20.0 from Fedora 18 on as it is GPLv2/GPLv3
dual-licensed
* Thu May 10 2012 Nils Philippsen <nils@redhat.com> - 2:2.8.0-1
- version 2.8.0
* Wed Apr 25 2012 Nils Philippsen <nils@redhat.com>
- update BR: librsvg2-devel >= 2.36.0
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #879302 - CVE-2012-5576 gimp (XWD plug-in): Stack-based buffer
overflow when loading XWD file
https://bugzilla.redhat.com/show_bug.cgi?id=879302
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update gimp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Frohe Ostern
Neue Nachrichten
Werbung