[oe] [meta-gnome][scarthgap][PATCH 5/7] gimp: patch CVE-2026-2045

Gyorgy Sarvari via lists.openembedded.org Thu, 05 Mar 2026 03:07:24 -0800

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2045


Pick the patch associated with the relevant upstream issue[1].

[1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/15293

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../gimp/gimp/CVE-2026-2045.patch             | 36 +++++++++++++++++++
 meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb  |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch

diff --git a/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch 
b/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch
new file mode 100644
index 0000000000..c084b5704f
--- /dev/null
+++ b/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch
@@ -0,0 +1,36 @@
+From 584e67bdd529ab37b50eeba7e62e975af8c6d617 Mon Sep 17 00:00:00 2001
+From: Jacob Boerema <[email protected]>
+Date: Thu, 15 Jan 2026 10:12:07 -0500
+Subject: [PATCH] plug-ins: fix #15293 security issue ZDI-CAN-28265
+
+Just like we did in commit 4eb106f2bff2d9b8e518aa455a884c6f38d70c6a
+we need to make sure that the offset in the colormap is valid before
+using it, before using it to compute the RGB values.
+
+CVE: CVE-2026-2045
+Upstream-Status: Backport 
[https://gitlab.gnome.org/GNOME/gimp/-/commit/68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275]
+Signed-off-by: Gyorgy Sarvari <[email protected]>
+---
+ plug-ins/common/file-xwd.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/plug-ins/common/file-xwd.c b/plug-ins/common/file-xwd.c
+index 53e4cd2..8ab11c0 100644
+--- a/plug-ins/common/file-xwd.c
++++ b/plug-ins/common/file-xwd.c
+@@ -1624,7 +1624,14 @@ load_xwd_f2_d16_b16 (const gchar     *filename,
+ 
+   for (j = 0; j < ncols; j++)
+     {
+-      cm = ColorMap + xwdcolmap[j].l_pixel * 3;
++      goffset offset = xwdcolmap[j].l_pixel * 3;
++
++      if (offset+2 >= maxval)
++        {
++          g_message (_("Invalid colormap offset. Possibly corrupt image."));
++          return NULL;
++        }
++      cm = ColorMap + offset;
+       *(cm++) = (xwdcolmap[j].l_red >> 8);
+       *(cm++) = (xwdcolmap[j].l_green >> 8);
+       *cm = (xwdcolmap[j].l_blue >> 8);
diff --git a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb 
b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
index 4f273a7cbb..d38160a864 100644
--- a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
@@ -56,6 +56,7 @@ SRC_URI = 
"https://download.gimp.org/pub/${BPN}/v${SHPV}/${BP}.tar.bz2 \
            file://CVE-2025-2761.patch \
            file://CVE-2026-0797.patch \
            file://CVE-2026-2044.patch \
+           file://CVE-2026-2045.patch \
            "
 SRC_URI[sha256sum] = 
"50a845eec11c8831fe8661707950f5b8446e35f30edfb9acf98f85c1133f856e"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#124870): 
https://lists.openembedded.org/g/openembedded-devel/message/124870
Mute This Topic: https://lists.openembedded.org/mt/118149897/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-gnome][scarthgap][PATCH 5/7] gimp: patch CVE-2026-2045

Reply via email to