MGASA-2023-0346

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0346.html

Import Source

https://advisories.mageia.org/MGASA-2023-0346.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2023-0346

Related

Published

2023-12-15T17:57:51Z

Modified

2023-12-16T14:33:27Z

Summary

Updated gimp packages fix security vulnerabilities

Details

GIMP has been updated to version 2.10.36 to fix several security issues. CVE-2023-44441: GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2023-44442: GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2023-44443: GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability CVE-2023-44444: GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / gimp

Package

Name: gimp
Purl: pkg:rpm/mageia/gimp?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.36-1.mga9

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / gimp

Package

Name: gimp
Purl: pkg:rpm/mageia/gimp?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.36-1.mga8

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / gegl

Package

Name: gegl
Purl: pkg:rpm/mageia/gegl?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.38-1.mga8

Ecosystem specific

{
    "section": "core"
}