[Git][security-tracker-team/security-tracker][master] Revert "one gimp issue n/a for all released suites"

Wed, 24 Dec 2025 22:09:01 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c03afdbe by Salvatore Bonaccorso at 2025-12-25T07:05:34+01:00
Revert "one gimp issue n/a for all released suites"

This reverts commit fbe0e0b8e47872cf251c341b412ad0488af9f92b.

As per https://gitlab.gnome.org/GNOME/gimp/-/issues/15285 in the report
the file file-jp2.c is renamed in the 19c57a9765ac ("plug-ins: Add
support for JPEG 2000 export") upstream commit.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1865,13 +1865,9 @@ CVE-2025-14488 (RealDefense SUPERAntiSpyware Exposed 
Dangerous Function Local Pr
        NOT-FOR-US: RealDefense
 CVE-2025-14425 (GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code 
Execution ...)
        - gimp 3.2.0~RC2-1
-       [trixie] - gimp <not-affected> (Vulnerable code not present)
-       [bookworm] - gimp <not-affected> (Vulnerable code not present)
-       [bullseye] - gimp <not-affected> (Vulnerable code not present)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1139/
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15285
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd
 (GIMP_3_2_0_RC1)
-       NOTE: Introduced in: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/19c57a9765ac3451c9cde94ccb06bec5ae06fbd8
 (GIMP_3_1_2)
 CVE-2025-14424 (GIMP XCF File Parsing Use-After-Free Remote Code Execution 
Vulnerabili ...)
        - gimp 3.2.0~RC2-1
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1138/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03afdbe4186101d78c489bd81421980016c8206

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c03afdbe4186101d78c489bd81421980016c8206
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to