Bug 18945

Summary: GIMP 2.8.18 fixes security problem
Product: Mageia Reporter: psyca <linux>
Component: RPM PackagesAssignee: Shlomi Fish <shlomif>
Status: RESOLVED DUPLICATE QA Contact:
Severity: critical    
Priority: Normal CC: luigiwalser, thierry.vignaud
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5TOO
Source RPM: CVE:
Status comment:

Description psyca 2016-07-14 22:50:46 CEST 
Description of problem:

Copy from
https://www.gimp.org/news/2016/07/14/gimp-2-8-18-released/

"We are releasing GIMP 2.8.18 to fix a vulnerability in the XCF loading code (CVE-2016-4994). With special XCF files, GIMP can be caused to crash, and possibly be made to execute arbitrary code provided by the attacker."
psyca 2016-07-14 22:52:38 CEST

Whiteboard: (none) => MGA5TOO

Thierry Vignaud 2016-07-14 23:36:09 CEST

CC: (none) => luigiwalser, thierry.vignaud

Comment 1 David Walser 2016-07-14 23:40:27 CEST 
Fortunately we already fixed this security problem.  Perhaps an updated to 2.8.18 could be considered for Cauldron.  I'll leave that up to Shlomi.

*** This bug has been marked as a duplicate of bug 18804 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE