gimp-2.99.8-3.el9

Errata ID: AXSA:2023-4967:01

Release date: Monday, February 6, 2023 - 02:25
Subject: gimp-2.99.8-3.el9
Affected Channels: MIRACLE LINUX 9 for x86_64
Severity: Moderate
Description:

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

* gimp: buffer overflow through a crafted XCF file (CVE-2022-30067)
* gimp: unhandled exception via a crafted XCF file may lead to DoS (CVE-2022-32990)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-30067
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate a huge amount of memory, resulting in insufficient memory or a program crash.
CVE-2022-32990
An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS).

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. gimp-2.99.8-3.el9.src.rpm
    MD5: 53fa1ae293ea3ca70d2a3d2e26a8ec22
    SHA-256: 8a31714744f0455f9e72b057112ca54b229c5d29e2a68b6f503b0fd2113a1834
    Size: 29.41 MB

Asianux Server 9 for x86_64
  1. gimp-2.99.8-3.el9.x86_64.rpm
    MD5: 2433e48588eecee0ed83bc1aeef87cca
    SHA-256: 9aded7672c5f859533de2a7127e41a2825b7f17c0bb0d086f920499b8a3fe8fa
    Size: 18.74 MB
  2. gimp-libs-2.99.8-3.el9.x86_64.rpm
    MD5: 092c4ad57de64f22b0211760e06cefae
    SHA-256: b753c79df6ea42d58d34bd77770b7b6ff4e879d7caf9a4633fb8dabe4c7f8ce6
    Size: 547.64 kB
  3. gimp-libs-2.99.8-3.el9.i686.rpm
    MD5: 4a17d11117b731afb6928c8453ea19e9
    SHA-256: aa34cd4f4e764f57ae227e2f6ebabd5f689be6e3b8e586fb3645a07a78fed62f
    Size: 584.89 kB