[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0797/gimp

Sat, 21 Feb 2026 11:36:39 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
55d99909 by Salvatore Bonaccorso at 2026-02-21T20:35:57+01:00
Update status for CVE-2026-0797/gimp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -216,9 +216,14 @@ CVE-2026-25896 (fast-xml-parser allows users to validate 
XML, parse XML to JS ob
 CVE-2026-24892 (openITCOCKPIT is an open source monitoring tool built for 
different mo ...)
        NOT-FOR-US: openITCOCKPIT
 CVE-2026-0797 (GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code 
Execution ...)
-       - gimp <undetermined>
+       - gimp <unfixed>
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-26-050/
-       TODO: check, unclear fix, reference to gimp commit seems incorrect
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15555
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2583
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/c54bf22acb04b83ae38ed50add58f300e898dd81
+       NOTE: Followup: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/905ce4b48782c5e71c79714b7ba7f6ebe4d0329d
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/ca449c745d58daa3f4b1ed4c2030d35d401a009d
 (GIMP_3_0_8)
+       NOTE: Followup: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/13849c5a9a65c2366c47f703d9d075e4bfb83525
 (GIMP_3_0_8)
 CVE-2026-0777 (Xmind Attachment Insufficient UI Warning Remote Code Execution 
Vulnera ...)
        NOT-FOR-US: Xmind
 CVE-2025-62326 (HCL Digital Experience is susceptible to stored cross-site 
scripting ( ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55d99909b48f9798aa043abf055760c4f0448c83

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55d99909b48f9798aa043abf055760c4f0448c83
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to