OESA-2025-1833

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1833

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2025-1833.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2025-1833

Upstream

CVE-2025-6035

Published

2025-07-11T12:31:34Z

Modified

2025-08-12T05:52:20.787828Z

Summary

gimp security update

Details

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing, and conversions, together with multilevel undo. The GIMP offers a scripting facility, but many of the included scripts rely on fonts that we cannot distribute.

Security Fix(es):

A vulnerability was found in GIMP (Image Processing Software) (affected version not known) and classified as critical.Using CWE to declare the problem leads to CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Impacted is confidentiality, integrity, and availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2025-6035)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:24.03-LTS-SP1 / gimp

Package

Name: gimp
Purl: pkg:rpm/openEuler/gimp&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.2-3.oe2403sp1

Ecosystem specific

{
    "aarch64": [
        "gimp-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-debuginfo-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-debugsource-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-devel-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-extension-goat-excercises-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-libs-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-plugin-aa-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-plugin-python3-3.0.2-3.oe2403sp1.aarch64.rpm",
        "gimp-vala-3.0.2-3.oe2403sp1.aarch64.rpm"
    ],
    "src": [
        "gimp-3.0.2-3.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "gimp-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-debuginfo-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-debugsource-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-devel-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-extension-goat-excercises-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-libs-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-plugin-aa-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-plugin-python3-3.0.2-3.oe2403sp1.x86_64.rpm",
        "gimp-vala-3.0.2-3.oe2403sp1.x86_64.rpm"
    ]
}