1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.RC

  • Bug#1107758: marked as done (gimp: CVE-2025-2760) (2/2)

    From Debian Bug Tracking System@1:229/2 to All on Wed Jul 2 17:30:01 2025
    [continued from previous message]

    for 1107758-close@bugs.debian.org; Wed, 02 Jul 2025 15:19:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
    d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type:
    Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID
    :Content-Description:In-Reply-To:References;
    bh=L835wKGZkXVhQCqKWpqk6PS2jnhvUyvN3qMsBjejsOg=; b=FGG7cPgEoXW1h4Jr9Pz29uvm3r
    RD/N8nRDbqRxW5c3SC8xkN+vIy4hZorUuow6XTNNDh9GP4APWjXAm0ZcJOEWdkAjz7wPwT7Ua6x+j
    I5Bb9b+JKdiULszhd2NCmw1fm991Z5eC+rIu3kX/h8dFjGkE+bUp+ijO8SdxkQAtiZcz+JCBVRUO2
    NgyjZU2ut8ia/QE1TfBTlUH748Q+DLxBMl48EddhbOxkTYvK6udDIHC70aaL6pE9W/kzA82pKouAu
    kh5sGcloQEw1AriNxFoIYsnaUmhBeVGJGsprMvKCCzo0NEPTuodSjR0Wi8FYn1kG8Q4+D5GJR7alh
    prHAUPBg==;
    Received: from dak by fasolo.debian.org with local (Exim 4.94.2)
    (envelope-from <envelope@ftp-master.debian.org>)
    id 1uWzFN-00E6p4-8s; Wed, 02 Jul 2025 15:19:41 +0000
    From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
    Reply-To: =?utf-8?q?Jeremy_B=C3=ADcha?= <jbicha@ubuntu.com>
    To: 1107758-close@bugs.debian.org
    X-DAK: dak process-upload
    X-Debian: DAK
    X-Debian-Package: gimp
    Debian: DAK
    Debian-Changes: gimp_3.0.4-3_source.changes
    Debian-Source: gimp
    Debian-Version: 3.0.4-3
    Debian-Architecture: source
    Debian-Suite: unstable
    Debian-Archive-Action: accept
    MIME-Version: 1.0
    Subject: Bug#1107758: fixed in gimp 3.0.4-3
    Content-Type: multipart/signed; micalg="pgp-sha256";
    protocol="application/pgp-signature";
    boundary="===============4422219492098595474=="
    Message-Id: <E1uWzFN-00E6p4-8s@fasolo.debian.org>
    Date: Wed, 02 Jul 2025 15:19:41 +0000

    --===============4422219492098595474==
    Content-Type: text/plain; charset="utf-8"
    Content-Transfer-Encoding: quoted-printable

    Source: gimp
    Source-Version: 3.0.4-3
    Done: Jeremy Bícha <jbicha@ubuntu.com>

    We believe that the bug you reported is fixed in the latest version of
    gimp, which is due to be installed in the Debian FTP archive.

    A summary of the changes between this version and the previous one is
    attached.

    Thank you for reporting the bug, which will now be closed. If you
    have further comments please address them to 1107758@bugs.debian.org,
    and the maintainer will reopen the bug report if appropriate.

    Debian distribution maintenance software
    pp.
    Jeremy Bícha <jbicha@ubuntu.com> (supplier of updated gimp package)

    (This message was generated automatically at their request; if you
    believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org)


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Wed, 02 Jul 2025 10:46:57 -0400
    Source: gimp
    Built-For-Profiles: noudeb
    Architecture: source
    Version: 3.0.4-3
    Distribution: unstable
    Urgency: high
    Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
    Changed-By: Jeremy Bícha <jbicha@ubuntu.com>
    Closes: 1107758
    Changes:
    gimp (3.0.4-3) unstable; urgency=high
    .
    * plug-ins: ZDI-CAN-26752 mitigation for 32-bit (Closes: #1107758)
    - CVE-2025-2760
    Checksums-Sha1:
    dc535dc547b09938a67c6a64035e4f48a4ef20f9 3891 gimp_3.0.4-3.dsc
    c94f6dc15bf1916967ce538822f50e5fd4fcff70 64924 gimp_3.0.4-3.debian.tar.xz
    14023b3fc95bb6329735b890800c10a5da0c8ec6 18661 gimp_3.0.4-3_source.buildinfo Checksums-Sha256:
    481a435eaa0e2c61606856a6e003778076940a5bfbcbfba78cc0bbeba565aec5 3891 gimp_3.0.4-3.dsc
    8f234ec93473ea6a6887a3a48c9a1c9ffb80b3c733d3a19fa1f53b445cb1864f 64924 gimp_3.0.4-3.debian.tar.xz
    65c56a1f0c9dc2b75b88b4b8b65c1d4d051f3bccb58d3e78572400fb8bbc166a 18661 gimp_3.0.4-3_source.buildinfo
    Files:
    71c0d2c1a1aff66392d9fc093d4824e8 3891 graphics optional gimp_3.0.4-3.dsc
    00d80502c669fb03a3018311d6808935 64924 graphics optional gimp_3.0.4-3.debian.tar.xz
    a32b65ff4ebf1d61d01d48f6d76782e2 18661 graphics optional gimp_3.0.4-3_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmhlRxcACgkQ5mx3Wuv+ bH2WDg/5AQ/br+jR/awLwGUBclldsHn0P0O+o1QDh8GP0Hz//6QUJHMWn18u3DLA HPVLz6pOk4CEe2pGPbY8ks8m1HEnaXAsx1HduH6vUfOY1MgsesJljp3vVrqo5Y6f BcuJE3DmKO0Y/HUgTV/DMZ8JyryA59z2Obb8ncCNw7J/MKcu7y6MamX20XjUKI7Y jTyOUaSwt8wtK2GoRce7Wkp06Y2ZoMDFP7hqwRMPPO1FF3sogH3U0wpxr/PeNrx1 IlUSv2LXd/S4ZEyG5z4Leljqsm2eHxceaTx+F7pmwpwQwuWUqIqQMaNrwBMRHDUk qUgLI3g4ZEUx4Lk46aQ/Q9diJPQDCCzgFY1Pyca7Q0PV8Vyp1bwsrPuZDVHp9XqJ XK1hIDfSPjh0Ql/6KaTUxB4bg/l4bVLCRj6pMqcC5ejCfgmM/R1dHHw5wLh6HC/I ZmwVaWQSPBuojlfdsnf1//DXND58MLo2fjksGmU2oJxSKwuzr71c/n5UqG0la158 WluatDjaLtkJC5xGh+iupb06DUUOYu4NF2LWCQ3iHbM6Ba8n6T5a0OuxRRtyDSM+ 0whbc8vWDk+cWhilNXFB53QbbHVGXNiX0OsytR/19wID+v3I/tO1dUSoPFF6LxTC d543fkUZbouTTWXVhRxbFaU37inCKnrbDM1ZO3BhhR6NaRbIvfo=
    =bg82
    -----END PGP SIGNATURE-----


    --==============D22219492098595474=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaGVODQAKCRCb9qggYcy5 IWPQAP9IF2DTpmWzOhHkleayXEKwjwDTC1W+/b3bFZ3Ugba+DwD/WDY7o5sxKtAA ryNiq32RcEdhaCWIDlS9I2XMpiK5XAg=Y2dR
    -----END PGP SIGNATURE-----

    --==============D22219492098595474==--

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)