-
gimp (2.6.8-2ubuntu1.6) lucid-security; urgency=low
* SECURITY UPDATE: code execution via malformed xwd files
- debian/patches/13_CVE-2012-5576.patch: validate sizes in
plug-ins/common/file-xwd.c.
- CVE-2012-5576
-- Marc Deslauriers <email address hidden> Thu, 06 Dec 2012 13:36:06 -0500
-
gimp (2.6.8-2ubuntu1.5) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via malformed .fit file header
- debian/patches/10_CVE-2012-3236.patch: check for valid XTENSION
header in plug-ins/file-fits/fits-io.c.
- CVE-2012-3236
* SECURITY UPDATE: denial of service and possible code execution via
crafted KiSS palette file
- debian/patches/11_CVE-2012-3403.patch: validate return codes and
header data in plug-ins/common/file-cel.c.
- CVE-2012-3403
* SECURITY UPDATE: denial of service and possible code execution via
crafted GIF image file
- debian/patches/12_CVE-2012-3481.patch: validate sizes, and prevent
overflows in plug-ins/common/file-gif-load.c.
- CVE-2012-3481
-- Marc Deslauriers <email address hidden> Wed, 05 Sep 2012 15:53:06 -0400
-
gimp (2.6.8-2ubuntu1.4) lucid-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via malformed GIF
- debian/patches/09_CVE-2011-2896.patch: properly calculate lengths in
plug-ins/common/file-gif-load.c.
- CVE-2011-2896
-- Marc Deslauriers <email address hidden> Wed, 21 Sep 2011 11:42:59 -0400
-
gimp (2.6.8-2ubuntu1.3) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed PSP image file
- debian/patches/08_CVE-2011-1782.patch: further fix buffer overflow in
plug-ins/common/file-psp.c.
- CVE-2011-1782
-- Marc Deslauriers <email address hidden> Wed, 08 Jun 2011 10:39:50 -0400
-
gimp (2.6.8-2ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed plugin configuration files
- debian/patches/05_CVE-2010-454x.patch: fix format strings in
plug-ins/{common/sphere-designer,gfig/gfig-style,
lighting/lighting-ui}.c.
- CVE-2010-4540
- CVE-2010-4541
- CVE-2010-4542
* SECURITY UPDATE: denial of service and possible code execution via
malformed PSP image file
- debian/patches/06_CVE-2010-4543.patch: fix buffer overflow in
plug-ins/common/file-psp.c.
- CVE-2010-4543
-- Marc Deslauriers <email address hidden> Thu, 07 Apr 2011 11:49:07 -0400
-
gimp (2.6.8-2ubuntu1.1) lucid-proposed; urgency=low
* debian/patches/04_gimp-statusbar.patch:
+ Fixes bug where some elements are not shown in the statusbar (LP: #537275)
Origin: upstream commit 501c4f65f08c111df0654cb887d95c2c06e82710
-- Bhaskar Kandiyal <email address hidden> Tue, 13 Apr 2010 17:09:23 +0530
-
gimp (2.6.8-2ubuntu1) lucid; urgency=low
* Merge with debian, remaining changes:
+ debian/patches/02_help-message.patch,
debian/patches/03_gimp.desktop.in.in.patch:
- updated some strings for ubuntu
+ debian/rules:
- updated translation templates
+ debian/control:
- set Vcs-Bzr url
gimp (2.6.8-2) unstable; urgency=low
* Fix dependencies in libgimp2.0-dev (Closes: #569420)
* Change libjpeg62-dev build-depend to libjpeg-dev
gimp (2.6.8-1) unstable; urgency=low
* New upstream release
* Switch to 3.0 (quilt) format
-- Didier Roche <email address hidden> Fri, 26 Feb 2010 19:10:31 +0100
-
gimp (2.6.7-1.1ubuntu1) lucid; urgency=low
* Sync on Debian
* debian/patches/02_help-message.patch,
debian/patches/03_gimp.desktop.in.in.patch:
- updated some strings for ubuntu
* debian/control:
- Drop webkit build dependency. gimp is the only thing pulling in webkit
for the desktop CDs, and makes them explode. Without the webkit help
browser plugin, help will just be displayed in the default browser.
- set vcs url
* debian/rules:
- updated translation templates
gimp (2.6.7-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* This update fixes the following security issues:
- CVE-2009-3909: integer overflow in PSD file loader leading to
a heap-based buffer overflow (Closes: #556750).
- CVE-2009-1570: integer overflow in BMP file loader leading to
a heap-based buffer overflow (Closes: #555929).
* Add ${shlibs: Depends} to depends of libgimp-dev (Closes: #553234).
-- Sebastien Bacher <email address hidden> Fri, 27 Nov 2009 00:16:26 +0100
-
gimp (2.6.7-1ubuntu1) karmic; urgency=low
* Merge with Debian unstable (LP: #419593), remaining changes:
- debian/patches/02_help-message.patch,
debian/patches/03_gimp.desktop.in.in.patch:
+ updated some strings for ubuntu
- debian/rules:
+ updated translation templates
- debian/control:
+ Drop webkit build dependency. gimp is the only thing pulling in webkit
for the desktop CDs, and makes them explode. Without the webkit help
browser plugin, help will just be displayed in the default browser.
* debian/patches/01_debian-gimprc.patch:
- Updated
* debian/control:
- Added a BZR link
-- Robert Ancell <email address hidden> Mon, 31 Aug 2009 10:24:10 +0200
