it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 6014-1] gimp security update
- Date: Sun, 28 Sep 2025 14:55:49 +0000
- Authentication-results: lists.piratenpartei.de; dkim=none; dmarc=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/aNlMdXlrv4liZeOH AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=EwYQISvFRM2+q8yd3Fr0+lje+I3VyKh/19kwGYc7UUM=; b=j0 LvFLz/ounqn8f3jGZjavLWkD2lZuuI4Acwo6rGDPoyiDOAxrItCGzUHMkfhi4+OFz90JcgUx/MzOe NjCgFRMAICvUML3Vj54YLljOIk9muypycUKYdckISDf7PrRHUkSYRcQysw7YFNwB3YzVmP1ulhoz2 QwiaUkWy01Bwn4n4I2lATwg4FZdxyHLmMMmwHjCYOXlw1Cfl9lhy8lOAD/ef5PGy7Six619F4Vptz g7xsi8lNCqdWLlaApjuLgZCWgKKaWWpsRRYdsffWQLmjenHReJnr9YOhEWVqLcTsFAJwtM4ENBrnU wvqEn3YScmXRmZ4q+KkmBok0Ntfo1rKQ==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Sun, 28 Sep 2025 14:56:10 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <j8dc79eGseK.A.nB9D.KyU2oB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-6014-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
September 28, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gimp
CVE ID : CVE-2025-10920 CVE-2025-10922 CVE-2025-10923 CVE-2025-10924
Several vulnerabilities were discovered in GIMP, the GNU Image
Manipulation Program, which could result in denial of service or
potentially the execution of arbitrary code if malformed Farbfeld,
Wireless Bitmap, DICOM or Apple Icon images are opened.
For the stable distribution (trixie), these problems have been fixed in
version 3.0.4-3+deb13u1.
We recommend that you upgrade your gimp packages.
For the detailed security status of gimp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/gimp
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmjZSvkACgkQEMKTtsN8
TjZRPw/9G3TBaaoPmvHMvcs0ZOUbr+C2n4BTIiMabGONj8IMNQxF9MeIk5zPsMRm
Avk1o4gzQT3rf90S4Rtetv12ITkRarIt4ZfnYDewJqyP6VFA/sCYat41JPKxOT2I
R7z1VNtTfqd3GzI++ASXByfP2L11EW0K0vqQCwYF85V5Z7vsdVDsMv13KGNXRua5
0C9VvQ23zGnnOK3RyYapPGzyTFiS3Y+x+g5+0MOphNJY9PYlhDeohCPP7u/yuy/M
jXQfMkiRgdTCgyMhMf2nqF6jvnbyz9WtY00rWc1yajWfxKSNyViQUCfzzCq1qwlu
/zKh0u0RooeqGzxByQ84uu7OEqD72n9iW46y/anS5+nMoIILcq9EQdhY02a2p2gH
3/0LQ342B4ew4F6wx/iIlGMXdcaVt1A+gkC0hVP4T8s3hWTGnwoCmNz7DQd9m18w
RxgyqlUnYRa7/BoVacw3ypGURUOSU0vZLsYYczAZwMlSByfnaB1IWp6F2RRnwP5p
nHtjqM4a0AZgUqghPI3j6TDQGjmd/3BhYb5wXJf2BcCLjIW+qo2wsuHte/kmjxoY
9j/kzuBGrXysg7droDhEFfKs3XaKBPtHCQYCKFndGa8KNohy4vbnfCLpZg0omthl
Cend0SL981VBdP0nsP5PoHdjh/xzKnouQxH7pTu8ZeLSUdyfSNc=
=hK5f
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 6014-1] gimp security update, Moritz Muehlenhoff, 28.09.2025
Archiv bereitgestellt durch MHonArc 2.6.19+.