-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6139-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gimp CVE ID : CVE-2026-2239 CVE-2026-2271 CVE-2026-2272 Debian Bug : 1127838 1127841 1127842 Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed PSD, PSP or ICO files are opened. For the oldstable distribution (bookworm), these problems have been fixed in version 2.10.34-1+deb12u8. For the stable distribution (trixie), these problems have been fixed in version 3.0.4-3+deb13u6. We recommend that you upgrade your gimp packages. For the detailed security status of gimp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gimp Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmmVnNtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TrQw/8C3oGzV+quLhDqkfNdNLtSCLbWkkowit4zA9rNrLSsC4fR4L9dh4NB/in 6TQrOr1Ge/yvFDiYUP9fi7sqzDYvJT0BanuwKyzXm1LaCRFHhm5upRVmbelprzs9 z55AxEcXcJEBARfRl4Xfgsy2BVH6GUO1/WJ+JArEmCNxKddrd4FaqbRLL6BeH6GJ XkOSeaIBPTE6tredvh+E12zAenQbWSy2m3RJQMRQ2vOnSGgghLK1oniWSOa/Tvk/ AlaR/p+DnqALnt2vU4sn088PljUr3zkQf2UzUDPgWzaFLorSO7eMKzUJOjB9sBqW 56GJCglqOEjDXSGZcDWRlkO/mvVcixkgN+h+s5MrvZhhCc2BdD4by66l15OqHihC toSiCcYansqrlOFbBYQsuMrHTi/ME+1NTfdei09xDib4UiE3fmqarFXUz+I086DR Uh8UHBvP6JJc48YqIqi1nfVS/xFUFqt61B2Nef89kmhwEeKUEvmZqB7js64mDLX3 UzczQr+Ye0jtBQCE1dc7VNFH4g0eDm1hIp12Z+SbjRY03ybbGeRB63kQDtkpswSy pq2OkMyjW5/5urEjQdr7m0r9q3KUGD57m+wy1s5nTXTf7tvwfiSCIDEBPJ7CZmok MZ2fmtqrETexMcuVTGElJthKVNX6Th1UzQBGY9bdWgCGCetDkU8= =Oepv -----END PGP SIGNATURE-----
