[ubuntu/intrepid-security] gimp_2.6.1-1ubuntu3.1_lpia_translations.tar.gz, gimp_2.6.1-1ubuntu3.1_sparc_translations.tar.gz (delayed), gimp_2.6.1-1ubuntu3.1_powerpc_translations.tar.gz, gimp_2.6.1-1ubuntu3.1_amd64_translations.tar.gz, gimp_2.6.1-1ubuntu3.1_hppa_translations.tar.gz, gimp_2.6.1-1ubuntu3.1_i386_translations.tar.gz, gimp_2.6.1-1ubuntu3.1_ia64_translations.tar.gz, gimp 2.6.1-1ubuntu3.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Jan 7 16:08:13 GMT 2010


gimp (2.6.1-1ubuntu3.1) intrepid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted BMP file
    - debian/patches/04_security_CVE-2009-1570.patch: validate bit depths,
      width and height in plug-ins/file-bmp/bmp-read.c.
    - CVE-2009-1570
  * SECURITY UPDATE: arbitrary code execution via crafted PSD file
    - debian/patches/05_security_CVE-2009-3909.patch: protect against
      integer overflows in plug-ins/file-psd/{psd.h,psd-load.c}.
    - CVE-2009-3909

Date: Mon, 04 Jan 2010 14:12:52 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Desktop Team <ubuntu-desktop at lists.ubuntu.com>
https://launchpad.net/ubuntu/intrepid/+source/gimp/2.6.1-1ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Mon, 04 Jan 2010 14:12:52 -0500
Source: gimp
Binary: libgimp2.0 gimp gimp-data libgimp2.0-dev libgimp2.0-doc gimp-dbg
Architecture: source
Version: 2.6.1-1ubuntu3.1
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Desktop Team <ubuntu-desktop at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gimp       - The GNU Image Manipulation Program
 gimp-data  - Data files for GIMP
 gimp-dbg   - Debugging symbols for GIMP
 libgimp2.0 - Libraries for the GNU Image Manipulation Program
 libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
 libgimp2.0-doc - Developers' Documentation for the GIMP library
Changes: 
 gimp (2.6.1-1ubuntu3.1) intrepid-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via crafted BMP file
     - debian/patches/04_security_CVE-2009-1570.patch: validate bit depths,
       width and height in plug-ins/file-bmp/bmp-read.c.
     - CVE-2009-1570
   * SECURITY UPDATE: arbitrary code execution via crafted PSD file
     - debian/patches/05_security_CVE-2009-3909.patch: protect against
       integer overflows in plug-ins/file-psd/{psd.h,psd-load.c}.
     - CVE-2009-3909
Checksums-Sha1: 
 16e3b99b126783e3aa47188301929c39ba242178 1953 gimp_2.6.1-1ubuntu3.1.dsc
 0b5a1daeb5c05647166ddead81f41295197b5fbf 45549 gimp_2.6.1-1ubuntu3.1.diff.gz
Checksums-Sha256: 
 fb7a81304593073071e36806a9fad796132239d232b5d47ae02db650cd829692 1953 gimp_2.6.1-1ubuntu3.1.dsc
 a71be5bdf54d30b27977faea39e37ce3281a7d959deae658b07fe9a7bbbc3712 45549 gimp_2.6.1-1ubuntu3.1.diff.gz
Files: 
 986390410549ee84f354249fe91b1aa3 1953 graphics optional gimp_2.6.1-1ubuntu3.1.dsc
 3dc49c3c73b65061f6ff821bda33d427 45549 graphics optional gimp_2.6.1-1ubuntu3.1.diff.gz
Original-Maintainer: Ari Pollak <ari at debian.org>


More information about the Intrepid-changes mailing list