Login
Newsletter
Werbung

Sicherheit: Pufferüberläufe in GIMP
Aktuelle Meldungen Distributionen
Name: Pufferüberläufe in GIMP
ID: FEDORA-2013-22776
Distribution: Fedora
Plattformen: Fedora 19
Datum: Di, 17. Dezember 2013, 07:44
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978
Applikationen: GIMP

Originalnachricht

Name        : gimp
Product : Fedora 19
Version : 2.8.10
Release : 4.fc19
URL : http://www.gimp.org/
Summary : GNU Image Manipulation Program
Description :
GIMP (GNU Image Manipulation Program) is a powerful image composition and
editing program, which can be extremely useful for creating logos and other
graphics for webpages. GIMP has many of the tools and filters you would expect
to find in similar commercial offerings, and some interesting extras as well.
GIMP provides a large image manipulation toolbox, including channel operations
and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all
with multi-level undo.

-------------------------------------------------------------------------------
-
Update Information:

This update fixes buffer overflows in the XWD loader.
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Dec 4 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.10-4
- avoid buffer overflows in file-xwd plug-in (CVE-2013-1913, CVE-2013-1978)
* Fri Nov 29 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.10-1
- version 2.8.10
* Tue Nov 26 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.10-1
- use grep -E instead of egrep
* Fri Nov 8 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.8-3
- file-bmp: don't close already closed FD
* Thu Nov 7 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.8-2
- fix crash in lcms plug-in
- fix issues found during static code check
* Mon Nov 4 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.8-1
- version 2.8.8
* Thu Sep 19 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.6-5
- fix lcms2 patch
* Wed Sep 18 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.6-4
- build against lcms2
* Mon Aug 26 2013 Jon Ciesla <limburgher@gmail.com> - 2:2.8.6-3.2
- libmng rebuild.
* Sat Aug 3 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 2:2.8.6-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 8 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.6-3
- exit properly when quitting while loading images (#633107)
* Tue Jul 2 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.6-2
- use external help browser directly if help browser plug-in isn't built
- fix changelog dates
* Sun Jun 23 2013 Nils Philippsen <nils@redhat.com> - 2:2.8.6-1
- version 2.8.6
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1037720 - CVE-2013-1913 CVE-2013-1978 gimp: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1037720
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update gimp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung