[ubuntu/quantal] gimp 2.8.0-2ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Sep 6 19:50:27 UTC 2012
gimp (2.8.0-2ubuntu3) quantal; urgency=low
* SECURITY UPDATE: denial of service via malformed .fit file header
- debian/patches/CVE-2012-3236.patch: check for valid XTENSION header
in plug-ins/file-fits/fits-io.c.
- CVE-2012-3236
* SECURITY UPDATE: denial of service and possible code execution via
crafted KiSS palette file
- debian/patches/CVE-2012-3403.patch: validate return codes and header
data in plug-ins/common/file-cel.c.
- CVE-2012-3403
* SECURITY UPDATE: denial of service and possible code execution via
crafted GIF image file
- debian/patches/CVE-2012-3481.patch: validate sizes, and prevent
overflows in plug-ins/common/file-gif-load.c.
- CVE-2012-3481
Date: Wed, 05 Sep 2012 13:29:00 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/gimp/2.8.0-2ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 05 Sep 2012 13:29:00 -0400
Source: gimp
Binary: libgimp2.0 gimp gimp-data libgimp2.0-dev libgimp2.0-doc gimp-dbg
Architecture: source
Version: 2.8.0-2ubuntu3
Distribution: quantal
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gimp - The GNU Image Manipulation Program
gimp-data - Data files for GIMP
gimp-dbg - Debugging symbols for GIMP
libgimp2.0 - Libraries for the GNU Image Manipulation Program
libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
libgimp2.0-doc - Developers' Documentation for the GIMP library
Changes:
gimp (2.8.0-2ubuntu3) quantal; urgency=low
.
* SECURITY UPDATE: denial of service via malformed .fit file header
- debian/patches/CVE-2012-3236.patch: check for valid XTENSION header
in plug-ins/file-fits/fits-io.c.
- CVE-2012-3236
* SECURITY UPDATE: denial of service and possible code execution via
crafted KiSS palette file
- debian/patches/CVE-2012-3403.patch: validate return codes and header
data in plug-ins/common/file-cel.c.
- CVE-2012-3403
* SECURITY UPDATE: denial of service and possible code execution via
crafted GIF image file
- debian/patches/CVE-2012-3481.patch: validate sizes, and prevent
overflows in plug-ins/common/file-gif-load.c.
- CVE-2012-3481
Checksums-Sha1:
2e09c3ecc101861b9b931a7590aad06d0b6a5e76 3238 gimp_2.8.0-2ubuntu3.dsc
9fd7a97fe366a53ebb300d353442a242d2ed6db6 52579 gimp_2.8.0-2ubuntu3.debian.tar.gz
Checksums-Sha256:
c4a514beffb2017be1399dbd76540b91d003bfcc6fc227f10db1629a982ada69 3238 gimp_2.8.0-2ubuntu3.dsc
1477ce4903515503da25cc57be8fd69612a948aff4e5aedf1134f4cada667911 52579 gimp_2.8.0-2ubuntu3.debian.tar.gz
Files:
059ef700f4e0db1911121e2aeadb0925 3238 graphics optional gimp_2.8.0-2ubuntu3.dsc
d46f753904dc17ef6c2408ec4425e170 52579 graphics optional gimp_2.8.0-2ubuntu3.debian.tar.gz
Original-Maintainer: Ari Pollak <ari at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJQSP0GAAoJEGVp2FWnRL6TEQEP/3u3hsAvoAEGahZ9+UKApJrd
Pkf/67gmLQXGlu+Mge8gewTKnxBfZdCABE4uoCwwyAb6yQC4ECt9R54DelvtE6Ob
rmOe4erPTP5eH2y0jDDDIq4vPWfeJwcGGvyBnVA8Yd/amon2BhVneY1UyHl9SuJI
/Qy/JajSo9rDyLCAW96fhewXVkhFfWG9wsE99wQa2W8hgZC1QT2NQOFFX+MjPeZM
OcRhYsrA1lFbxHlANAL8CUzESci6wuobVphAdyhXfhSGDd1uNBq0dj/Rp/vgzZUL
LeUpOhCTwaFIj1hGwv1BpyJphKhQ8f9XPlI2WjaTdCR5pOJ+0bSM6KyG31cRRwLz
JGFl3FISUskUqXAVr4alK2J4ZhE+9+7+84dCj5sZce9TfZ9wnosH+mv9lvyFqgqN
Y05t3E6XAGGwy53Ff9iQ6oIfrzLLru15KfcuV4umr60qQyygQd5ea/u4HdKeuHK8
4HLk6FsPBZBMUH4MCwbb+X2GH1Ev1BvbwnJ6HZp4cnf9OoxEdOoBm2jKEI9gpKYz
70KHATZc4vqwEGP4ld0Dwla3Ne+P4p2z6icgx5GVW9xZ4HiGMSbWePkqYN9DtHDd
UyZskdH1sl7AfsEWOV7/RvVDT+zoFSngqr7ZCCMSpJ14Ss8ioACG3dRvzajcsJ7+
KR84QTihMS4supNACS2C
=rl7u
-----END PGP SIGNATURE-----
More information about the Quantal-changes
mailing list