Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15059
The patch that is referenced by the NVD report has been backported[1] to the recipe version, and is included already. [1]: https://gitlab.gnome.org/GNOME/gimp/-/commit/c9eb407485f6c085adf70c8a334f75ea31565c60 Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb index a5e892c508..863d9a1667 100644 --- a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb +++ b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb @@ -134,3 +134,4 @@ RDEPENDS:${PN} = "mypaint-brushes-1.0 glib-networking python3-pygobject" CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux" CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS" +CVE_STATUS[CVE-2025-15059] = "fixed-version: The issue is fixed since v3.0.8"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124079): https://lists.openembedded.org/g/openembedded-devel/message/124079 Mute This Topic: https://lists.openembedded.org/mt/117604892/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
