Mehrere Probleme in GIMP
ID: | FEDORA-2018-ccef1ced42 |
Distribution: | Fedora |
Plattformen: | Fedora 26 |
Datum: | Di, 27. Februar 2018, 19:06 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787 |
Applikationen: | GIMP |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-ccef1ced42 2018-02-27 16:51:55.486389 -------------------------------------------------------------------------------- Name : gimp Product : Fedora 26 Version : 2.8.22 Release : 3.fc26 URL : http://www.gimp.org/ Summary : GNU Image Manipulation Program Description : GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1529147 - CVE-2017-17785 gimp: Heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c https://bugzilla.redhat.com/show_bug.cgi?id=1529147 [ 2 ] Bug #1529146 - CVE-2017-17789 gimp: Heap-based buffer overflow in read_channel_data function in plug-ins/common/file-psp.c https://bugzilla.redhat.com/show_bug.cgi?id=1529146 [ 3 ] Bug #1529145 - CVE-2017-17786 gimp: Heap-based buffer over-read in ReadImage function in plug-ins/common/file-tga.c https://bugzilla.redhat.com/show_bug.cgi?id=1529145 [ 4 ] Bug #1529144 - CVE-2017-17784 gimp: Heap-based buffer over-read in load_image function in plug-ins/common/file-gbr.c https://bugzilla.redhat.com/show_bug.cgi?id=1529144 [ 5 ] Bug #1529143 - CVE-2017-17787 gimp: Heap-based buffer over-read in read_creator_block function in plug-ins/common/file-psp.c https://bugzilla.redhat.com/show_bug.cgi?id=1529143 [ 6 ] Bug #1529141 - CVE-2017-17788 gimp: Stack-based buffer over-read in xcf_load_stream function in app/xcf/xcf.c https://bugzilla.redhat.com/show_bug.cgi?id=1529141 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gimp' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |