MGASA-2018-0273

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0273.html

Import Source

https://advisories.mageia.org/MGASA-2018-0273.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0273

Related

Published

2018-06-06T18:15:31Z

Modified

2018-06-06T17:40:41Z

Summary

Updated gimp packages fix security vulnerabilities

Details

Updated gimp packages fix security vulnerabilities:

Several vulnerabilities were discovered in GIMP which could result in denial of service (application crash) or potentially the execution of arbitrary code if malformed files are opened (CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789).

Also, the webkit1-based help browser plugin has been disabled in favor of using an external browser for the help pages. This is due to security issues in webkit.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / gimp

Package

Name: gimp
Purl: pkg:rpm/mageia/gimp?distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.8.22-1.2.mga6

Ecosystem specific

{
    "section": "core"
}