Security update for gimp
SUSE Security Update: Security update for gimp
This update fixes the following security issues with gimp:
* bnc#853423: XWD plugin g_new() integer overflow
(CVE-2013-1913)
* bnc#853425: XWD plugin color map heap-based buffer
overflow (CVE-2013-1978)
* bnc#791372: memory corruption via XWD files
(CVE-2012-5576)
Security Issue references:
* CVE-2013-1913
>
* CVE-2012-5576
>
* CVE-2013-1978
>
Announcement ID: | SUSE-SU-2014:0214-1 |
Rating: | moderate |
References: | #791372 #853423 #853425 |
Affected Products: |
An update that fixes three vulnerabilities is now available.
Description:
This update fixes the following security issues with gimp:
* bnc#853423: XWD plugin g_new() integer overflow
(CVE-2013-1913)
* bnc#853425: XWD plugin color map heap-based buffer
overflow (CVE-2013-1978)
* bnc#791372: memory corruption via XWD files
(CVE-2012-5576)
Security Issue references:
* CVE-2013-1913
* CVE-2012-5576
* CVE-2013-1978
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11 SP3:
zypper in -t patch sdksp3-gimp-8856
- SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-gimp-8856
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64):
- gimp-2.6.2-3.34.45.1
- gimp-devel-2.6.2-3.34.45.1
- gimp-lang-2.6.2-3.34.45.1
- gimp-plugins-python-2.6.2-3.34.45.1
- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64):
- gimp-2.6.2-3.34.45.1
- gimp-lang-2.6.2-3.34.45.1
- gimp-plugins-python-2.6.2-3.34.45.1
References:
- http://support.novell.com/security/cve/CVE-2012-5576.html
- http://support.novell.com/security/cve/CVE-2013-1913.html
- http://support.novell.com/security/cve/CVE-2013-1978.html
- https://bugzilla.novell.com/791372
- https://bugzilla.novell.com/853423
- https://bugzilla.novell.com/853425
- http://download.novell.com/patch/finder/?keywords=0ad1765a09ee9612a60c4db564f15ae0