OESA-2026-1003

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1003
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2026-1003.json
JSON Data
https://api.osv.dev/v1/vulns/OESA-2026-1003
Upstream
Published
2026-01-09T14:05:28Z
Modified
2026-01-09T14:30:03.512586Z
Summary
gimp security update
Details

The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing, and conversions, together with multilevel undo. The GIMP offers a scripting facility, but many of the included scripts rely on fonts that we cannot distribute.

Security Fix(es):

A vulnerability has been found in GIMP (Image Processing Software) and classified as critical. The CWE definition for the vulnerability is CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). As an impact it is known to affect confidentiality, integrity, and availability. Applying the patch 03575ac8cbb0ef3103b0a15d6598475088dcc15e is able to eliminate this problem.(CVE-2025-15059)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:24.03-LTS-SP1 / gimp

Package

Name
gimp
Purl
pkg:rpm/openEuler/gimp&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.2-7.oe2403sp1

Ecosystem specific 

{
    "aarch64": [
        "gimp-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-debuginfo-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-debugsource-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-devel-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-extension-goat-excercises-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-libs-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-plugin-aa-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-plugin-python3-3.0.2-7.oe2403sp1.aarch64.rpm",
        "gimp-vala-3.0.2-7.oe2403sp1.aarch64.rpm"
    ],
    "src": [
        "gimp-3.0.2-7.oe2403sp1.src.rpm"
    ],
    "x86_64": [
        "gimp-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-debuginfo-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-debugsource-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-devel-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-extension-goat-excercises-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-libs-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-plugin-aa-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-plugin-python3-3.0.2-7.oe2403sp1.x86_64.rpm",
        "gimp-vala-3.0.2-7.oe2403sp1.x86_64.rpm"
    ]
}

Database specific

source 
"https://repo.openeuler.org/security/data/osv/OESA-2026-1003.json"