-
gimp (2.8.18-1+deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
* Out of bounds read / heap overflow in TGA importer (CVE-2017-17786)
(Closes: #884862)
* plug-ins: TGA 16-bit RGB (without alpha bit) is also valid
* Heap buffer overflow in PSP importer (CVE-2017-17789) (Closes: #884837)
* heap overread in gbr parser / load_image (CVE-2017-17784)
(Closes: #884925)
* heap overread in psp importer (CVE-2017-17787) (Closes: #884927)
* Heap overflow while parsing FLI files (CVE-2017-17785) (Closes: #884836)
* buffer overread in XCF parser if version field has no null terminator
(CVE-2017-17788) (Closes: #885347)
-- Salvatore Bonaccorso <email address hidden> Tue, 26 Dec 2017 22:39:04 +0100
-
gimp (2.8.18-1) unstable; urgency=low
* Imported Upstream version 2.8.18 (Closes: #820207)
* Build with full set of hardening flags, including PIE
* Update standards version
* Update debhelper version
-- Ari Pollak <email address hidden> Thu, 14 Jul 2016 19:46:43 -0400
-
gimp (2.8.16-2.2) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2016-4994: Use-after-free vulnerabilities in the channel and layer
properties parsing process (Closes: #828179)
-- Salvatore Bonaccorso <email address hidden> Tue, 05 Jul 2016 09:39:12 +0200
-
gimp (2.8.16-2) unstable; urgency=medium
* Remove JPEG 2000 support due to jasper removal from Debian (Closes: #818216)
-- Ari Pollak <email address hidden> Mon, 23 May 2016 20:05:27 -0400
-
gimp (2.8.16-1) unstable; urgency=low
* Imported Upstream version 2.8.16
-- Ari Pollak <email address hidden> Tue, 24 Nov 2015 14:19:08 -0500
-
gimp (2.8.14-1.2) unstable; urgency=medium
* Non-maintainer upload.
* Upload to unstable.
-- Matteo F. Vescovi <email address hidden> Mon, 05 Oct 2015 17:26:27 +0200
-
gimp (2.8.14-1) unstable; urgency=medium
* Imported Upstream version 2.8.14
* Fixes segfault when removing tag from palette (Closes: #736625)
* Bump standards version to 3.9.6
-- Ari Pollak <email address hidden> Sat, 20 Sep 2014 21:10:52 -0400
