Denial of Service in GIMP
ID: | FEDORA-2017-48ba0035fd |
Distribution: | Fedora |
Plattformen: | Fedora 26 |
Datum: | Di, 16. Mai 2017, 07:07 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3126
https://bugzilla.redhat.com/show_bug.cgi?id=1448977 https://bugzilla.redhat.com/show_bug.cgi?id=1398556 |
Applikationen: | GIMP |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-48ba0035fd 2017-05-16 00:54:07.300164 -------------------------------------------------------------------------------- Name : gimp Product : Fedora 26 Version : 2.8.22 Release : 2.fc26 URL : http://www.gimp.org/ Summary : GNU Image Manipulation Program Description : GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. -------------------------------------------------------------------------------- Update Information: Overview of Changes from GIMP 2.8.20 to GIMP 2.8.22 =================================================== GUI: - improve drawing performance in single window mode, especially with pixmap themes Plug-ins: - Fix for CVE-2007-3126, a bug in the ICO plug-in which allowed context- dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero. We couldn't reproduce any crash in recent version, but fixed the error messages for good measure - Avoid creating wrong layer group structure when importing PSD files (already fixed in 2.8.20, didn't make it to the NEWS) - Prevent a crash in PDF plug-in if images or resolution are large - stop parsing invalid PCX files early and prevent a segmentation fault - **added support for screenshot functionality under Wayland sessions (backported from devel version of GIMP)** General: - if NOCONFIGURE is set, autogen.sh won't run configure - VPATH builds for win32 targets have been fixed Updated Translations: - Basque - Brazilian Portuguese - Catalan - Chinese (PRC) - Finnish - Greek - Hungarian - Italian - Kazakh - Norwegian - Polish - Slovenian - Spanish - Swedish -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398556 - Gimp screenshot function does not work under Wayland session https://bugzilla.redhat.com/show_bug.cgi?id=1398556 [ 2 ] Bug #1448977 - gimp-2.8.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448977 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gimp' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |