Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits: abd42892 by Adrian Bunk at 2023-11-20T15:30:03+02:00 CVE-2023-44441: The DDS plugin used to be 3rd party in an own package - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -813,6 +813,8 @@ CVE-2023-44442 [GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Exe NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/10101 (restricted) CVE-2023-44441 [GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability] - gimp 2.10.36-1 (bug #1055984) + [buster] - gimp <not-affected> (DDS plugin added in 2.10.10) + - gimp-gap <removed> NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1592/ NOTE: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#fixed-vulnerabilities NOTE: https://gitlab.gnome.org/GNOME/gimp/-/commit/7db71cd0b6e36c454aa0d2d3efeec7e636db4dbc (GIMP_2_10_36) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abd42892596202297c24ac6740e75a4549c8c8ff -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abd42892596202297c24ac6740e75a4549c8c8ff You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits