FS#38080 - [gimp] security patch for CVE-2013-1913 and CVE-2013-197
Attached to Project:
Arch Linux
Opened by RbN (RbN) - Monday, 09 December 2013, 19:23 GMT
Last edited by Isenmann Daniel (ise) - Tuesday, 31 December 2013, 11:48 GMT
Opened by RbN (RbN) - Monday, 09 December 2013, 19:23 GMT
Last edited by Isenmann Daniel (ise) - Tuesday, 31 December 2013, 11:48 GMT
|
Details
Description:
Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The vulnerabilities affects gimp 2.8.8 and gimp 2.8.10. Patch : from upstream [0] [1] [0] https://git.gnome.org/browse/gimp/commit/?id=32ae0f83e5748299641cceaabe3f80f1b3afd03e [1] https://git.gnome.org/browse/gimp/commit/?id=23f685931e5f000dd033a45c60c1e60d7f78caf4 |
This task depends upon
Closed by Isenmann Daniel (ise)
Tuesday, 31 December 2013, 11:48 GMT
Reason for closing: Fixed
Additional comments about closing: The patches will be included in the next update to 2.8.10
Building the packages right now.
Tuesday, 31 December 2013, 11:48 GMT
Reason for closing: Fixed
Additional comments about closing: The patches will be included in the next update to 2.8.10
Building the packages right now.