• Bug#1105005: gimp: ZDI-CAN-26752

    From Salvatore Bonaccorso@21:1/5 to All on Fri May 9 22:00:01 2025
    Source: gimp
    Version: 3.0.2-3
    Severity: grave
    Tags: security upstream
    Justification: user security hole
    X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

    Hi

    There is a ZDI-CAN-26752 report (with no CVE assignment yet), reported
    upstream at https://gitlab.gnome.org/GNOME/gimp/-/issues/13910

    Upstream fix: https://gitlab.gnome.org/GNOME/gimp/-/commit/c855d1df60ebaf5ef8d02807d448eb088f147a2b

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Sat May 17 14:50:01 2025
    Processing control commands:

    tags 1105005 + patch
    Bug #1105005 [src:gimp] gimp: ZDI-CAN-26752
    Added tag(s) patch.
    tags 1105005 + pending
    Bug #1105005 [src:gimp] gimp: ZDI-CAN-26752
    Added tag(s) pending.

    --
    1105005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105005
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems
  • From Debian Bug Tracking System@21:1/5 to All on Mon May 19 15:10:01 2025
    Your message dated Mon, 19 May 2025 13:04:53 +0000
    with message-id <E1uH0An-0040ZV-1K@fasolo.debian.org>
    and subject line Bug#1105005: fixed in gimp 3.0.2-3.1
    has caused the Debian Bug report #1105005,
    regarding gimp: ZDI-CAN-26752
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system
    misconfiguration somewhere. Please contact owner@bugs.debian.org
    immediately.)


    --
    1105005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105005
    Debian Bug Tracking System
    Contact owner@bugs.debian.org with problems