-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 3 Nov 2025 21:00:47 CET Source: gimp Architecture: source Version: 2.10.22-4+deb11u4 Distribution: bullseye-security Urgency: high Maintainer: Debian GNOME Maintainers <[email protected]> Changed-By: Markus Koschany <[email protected]> Checksums-Sha1: ddf9876fc21b7cab5bf1b9e025bb2fd497871702 3621 gimp_2.10.22-4+deb11u4.dsc da1687341e846fef784485511809da2988cb8200 33152226 gimp_2.10.22.orig.tar.bz2 a6ad4d49ad5666a2e3efa23457ea98214ddf89f8 73988 gimp_2.10.22-4+deb11u4.debian.tar.xz 23cc09310fa3bf5958e029d74f60e8b685be595e 22091 gimp_2.10.22-4+deb11u4_amd64.buildinfo Checksums-Sha256: 93ccf60ff5ea41c8279570ebf78f745703bd576ed430ecc79b13ee752c35eebe 3621 gimp_2.10.22-4+deb11u4.dsc 2db84b57f3778d80b3466d7c21a21d22e315c7b062de2883cbaaeda9a0f618bb 33152226 gimp_2.10.22.orig.tar.bz2 0ebf706b99cd018ba905b33af84996b12819efb2c2d773c7bdecce4b129d9361 73988 gimp_2.10.22-4+deb11u4.debian.tar.xz 93ae92c6598adba278849427ecfb4cb2167396c930643e2a64cef2afb4bfdfba 22091 gimp_2.10.22-4+deb11u4_amd64.buildinfo Changes: gimp (2.10.22-4+deb11u4) bullseye-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2025-10934: GIMP, the GNU Image Manipulation Program, is vulnerable to a heap-based buffer overflow when parsing XWD files. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP and requires the target to visit a malicious page or open a malicious file. Files: 5d62c9c2facea2c112dba332c65e4f0d 3621 graphics optional gimp_2.10.22-4+deb11u4.dsc 9d559ba6f039da033754f1d62a91cc39 33152226 graphics optional gimp_2.10.22.orig.tar.bz2 5ce00f9dfebf569e10e596a9c58fcdd5 73988 graphics optional gimp_2.10.22-4+deb11u4.debian.tar.xz 01e0d82b43f71b740faa0fba6215ac9d 22091 graphics optional gimp_2.10.22-4+deb11u4_amd64.buildinfo
-----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmkJCgxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HktN4P/3yWsP5kK2JqJRPyS9LVzF1ijR1nJ8phm/Gq IU4Geh0ZVzZw9UCdGTzUfqRga88mMfC9AbxUQRHYu0bsaheNqZIcGfTICMIpoFpA fONk5TOX0gfu0DcK5r3SI2tI0XUqAugS8sG7hsXdv3MUoQgcD/qMRUAhpFGrEJAh zX0d8/YCWPDIowkZfrDKVfmhfjXqnV1rz3SXTzmjp8//g8RGrbXW/udiSi4BKgIn 1qwAgX85/AWo0D6XmkhvPq2dXQ1IYx5yFlo0teNQLkyjkr0SQX1+pk2rwE/XbxtF uI51VtMwvrHNXgmA7KCxYu2jpWx/GZF5n4pW2UZ2bqbWeCQ5u2a/WNuWwFKPKY8v 7LjgTXkMJ9hWp3xmI3SkaZMhn/WTVi0x1vDB6zw7M9k8EwbkjxVh6BsJw49p8Dci 8yRHQlIH6zPbBjiiwKXqCSeDeWCllMbyF0wNDb+EGIRq+GfOAnJdMSP2Gwh8zGsh rDeipba7thKnhAa5ddaf5Iv73kVvIun14OGccWoH0kcngUiN6Un2r7j+Xvaiq4Pj yVZ+XTIjxajmFmzRVO+ZZKBVEnylBD3NBfGwBq321EZUP3aFtS478zbIVLYakezJ oN3ARDdlwPjMeYfXf6LPvuX9KQEh7tDE4ESd8irBCVvYMyIqKl6fD/XrjVO1dD8J OKUp2IGM =fo9K -----END PGP SIGNATURE-----
pgpi5jWYP2Mo5.pgp
Description: PGP signature
