[Git][security-tracker-team/security-tracker][master] Reserve DSA number for gimp update

Wed, 18 Feb 2026 03:00:05 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8f590c37 by Salvatore Bonaccorso at 2026-02-18T11:58:25+01:00
Reserve DSA number for gimp update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3412,8 +3412,6 @@ CVE-2025-11142 (The VAPIX API mediaclip.cgi that did not 
have a sufficient input
        NOT-FOR-US: Axis Communication
 CVE-2026-2239 [PSD loader: heap-buffer-overflow in fread_pascal_string() (no 
null terminator)]
        - gimp 3.2.0~RC2-3.2 (bug #1127838)
-       [trixie] - gimp <no-dsa> (Minor issue)
-       [bookworm] - gimp <no-dsa> (Minor issue)
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15812
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/8cf2772f5631719ae0e4e701bd7ef793b1f59cfa
 (master)
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/51a2d65a2df403f6da582173e0ddd7904356f5ae
 (gimp-3-0 branch)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[18 Feb 2026] DSA-6139-1 gimp - security update
+       {CVE-2026-2239 CVE-2026-2271 CVE-2026-2272}
+       [bookworm] - gimp 2.10.34-1+deb12u8
+       [trixie] - gimp 3.0.4-3+deb13u6
 [17 Feb 2026] DSA-6138-1 libpng1.6 - security update
        {CVE-2026-25646}
        [bookworm] - libpng1.6 1.6.39-2+deb12u3


=====================================
data/dsa-needed.txt
=====================================
@@ -32,8 +32,6 @@ gnutls28 (carnil)
 gh/oldstable
   Santiago Vila might work on preparing an update
 --
-gimp (carnil)
---
 git-lfs
 --
 inetutils



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f590c370ce8d2458c9f55dc82badb676621ede6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f590c370ce8d2458c9f55dc82badb676621ede6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to