[ubuntu/mantic-security] gimp 2.10.34-1ubuntu0.23.10.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Nov 29 13:13:17 UTC 2023
gimp (2.10.34-1ubuntu0.23.10.1) mantic-security; urgency=medium
* SECURITY UPDATE: DDS File Parsing Heap-based Buffer Overflow
- debian/patches/CVE-2023-44441-1.patch: verify header information in
plug-ins/file-dds/ddsread.c.
- debian/patches/CVE-2023-44441-2.patch: fix checks in
plug-ins/file-dds/ddsread.c.
- debian/patches/CVE-2023-44441-3.patch: add additional fixes in
plug-ins/file-dds/ddsread.c.
- CVE-2023-44441
* SECURITY UPDATE: PSD File Parsing Heap-based Buffer Overflow
- debian/patches/CVE-2023-44442.patch: add missing break statement in
plug-ins/file-psd/psd-util.c.
- CVE-2023-44442
* SECURITY UPDATE: PSP File Parsing Integer Overflow and Off-By-One
- debian/patches/CVE-2023-44443_44444.patch: check
color_palette_entries and fix buffer size in
plug-ins/common/file-psp.c.
- CVE-2023-44443
- CVE-2023-44444
Date: 2023-11-28 15:55:10.224757+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/gimp/2.10.34-1ubuntu0.23.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list