gimp-2.99.8-4.el9_3

エラータID: AXSA:2024-7511:01

Release date: 
Tuesday, February 13, 2024 - 13:58
Subject: 
gimp-2.99.8-4.el9_3
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

* gimp: dds buffer overflow RCE (CVE-2023-44441)
* gimp: PSD buffer overflow RCE (CVE-2023-44442)
* gimp: psp integer overflow RCE (CVE-2023-44443)
* gimp: psp off-by-one RCE (CVE-2023-44444)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-44441
RESERVED
CVE-2023-44442
RESERVED
CVE-2023-44443
RESERVED
CVE-2023-44444
RESERVED

Solution: 

Update packages.

CVEs: 
CVE-2023-44441
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-44442
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-44443
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-44444
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. gimp-2.99.8-4.el9_3.src.rpm
    MD5: a054488b74a103e695d55a5c1679f31f
    SHA-256: b0c75fb0e19e1d0376ea9fd44de5ffa453965dcaeb5183dff04ef2614c1a37ee
    Size: 29.41 MB

Asianux Server 9 for x86_64
  1. gimp-2.99.8-4.el9_3.x86_64.rpm
    MD5: dede44a4510076ffa5b6baf35f1eb279
    SHA-256: c4e31820030ce0cf7b6484b5774b0dbc084f8754094b0409cf5ef5c6ddaf72c9
    Size: 19.29 MB
  2. gimp-libs-2.99.8-4.el9_3.i686.rpm
    MD5: 78af0191a6c53a1948aff3ea6efc040f
    SHA-256: f399b61db476575280075d260bc3cee94b7e04419f86af3745c09d0cef5f0e64
    Size: 588.07 kB
  3. gimp-libs-2.99.8-4.el9_3.x86_64.rpm
    MD5: 71713b4d806253c40c32b7a905a08b21
    SHA-256: 3b0b81376643bbb89c6df673e32ccefb703a39f607a70c66bb0a19f9a7945479
    Size: 551.31 kB