Format: 1.8
Date: Tue, 28 Nov 2023 07:38:10 -0500
Source: gimp
Binary: gimp libgimp2.0 libgimp2.0-dev
Architecture: s390x s390x_translations
Version: 2.10.18-1ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-s390x-014.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gimp       - GNU Image Manipulation Program
 libgimp2.0 - Libraries for the GNU Image Manipulation Program
 libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
Launchpad-Bugs-Fixed: 1982422
Changes:
 gimp (2.10.18-1ubuntu0.1) focal-security; urgency=medium
 .
   [ Luís Infante da Câmara ]
   * SECURITY UPDATE: Buffer overflow leading to insufficient memory or
     program crash via a crafted XCF file (LP: #1982422)
     - debian/patches/CVE-2022-30067.patch: Stop loading paths and skip to
       the next property when xcf_old_path fails.
     - CVE-2022-30067
   * SECURITY UPDATE: Denial of service via a crafted XCF file
     (LP: #1982422)
     - debian/patches/CVE-2022-32990-1.patch: Check maximum dimensions when
       loading XCF files.
     - debian/patches/CVE-2022-32990-2.patch: Check for invalid offsets when
       loading XCF files.
     - debian/patches/CVE-2022-32990-3.patch: Return TRUE in
       gimp_channel_is_empty when channel is NULL.
     - CVE-2022-32990
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: DDS File Parsing Heap-based Buffer Overflow
     - debian/patches/CVE-2023-44441-1.patch: verify header information in
       plug-ins/file-dds/ddsread.c.
     - debian/patches/CVE-2023-44441-2.patch: fix checks in
       plug-ins/file-dds/ddsread.c.
     - debian/patches/CVE-2023-44441-3.patch: add additional fixes in
       plug-ins/file-dds/ddsread.c.
     - CVE-2023-44441
   * SECURITY UPDATE: PSD File Parsing Heap-based Buffer Overflow
     - debian/patches/CVE-2023-44442.patch: add missing break statement in
       plug-ins/file-psd/psd-util.c.
     - CVE-2023-44442
   * SECURITY UPDATE: PSP File Parsing Off-By-One
     - debian/patches/CVE-2023-44444.patch: fix buffer size in
       plug-ins/common/file-psp.c.
     - CVE-2023-44444
Checksums-Sha1:
 6e6e41f0b0845cf3447f676cb5d58c40e66158f7 15385544 gimp-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 5fb3d663db6f521b423805ac0e216e38cf92611c 22322 gimp_2.10.18-1ubuntu0.1_s390x.buildinfo
 b459893b468899eba5077f793462d2584edf7319 3833944 gimp_2.10.18-1ubuntu0.1_s390x.deb
 bd620c89d722aa5e4fd76a2eca64f2cb7919e65b 18126251 gimp_2.10.18-1ubuntu0.1_s390x_translations.tar.gz
 04aec30fe336d9d92ae5cb5b8abff7077d3f1ace 1333788 libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 491b37ac536f9bc8135ad73399cabcb438262316 18296 libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 53d421031b7b91c92e5699e65fbae68eb41cfc79 103120 libgimp2.0-dev_2.10.18-1ubuntu0.1_s390x.deb
 c31d92db616e4ca7852b42fc73f12414ef6babb0 387744 libgimp2.0_2.10.18-1ubuntu0.1_s390x.deb
Checksums-Sha256:
 9705c04b9c9619de6da5ddf92def58b4cba91b437634727a0ca777adc2ac8477 15385544 gimp-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 b7bb06825a2e858da6e3f2db430e20e345f7068803a0330d2d240919b93ec564 22322 gimp_2.10.18-1ubuntu0.1_s390x.buildinfo
 0482eac9d51458c91e9786832d38f503f0b42aefcc45a4664eb1a3d682e0bbd1 3833944 gimp_2.10.18-1ubuntu0.1_s390x.deb
 97a579f9077ec8692292154ae9bacfbc6897214164c0dfd419fbb94315651a59 18126251 gimp_2.10.18-1ubuntu0.1_s390x_translations.tar.gz
 c18c8464df927e339843523c2aedce422eac4e8e576b4d21690555e63f7f5082 1333788 libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 83d4b74ac542f58a4c2890b5859d20cfd06fa9510f99e1e70ee1c377d0b7199f 18296 libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 7accadd75c0bc315b8ee70dccf779eb84aa8ba6708d2b83349c6676af5c9b113 103120 libgimp2.0-dev_2.10.18-1ubuntu0.1_s390x.deb
 87ca8689154f3acce10701ae641f970e914cf73986df6e06a57ee7c74be45e97 387744 libgimp2.0_2.10.18-1ubuntu0.1_s390x.deb
Files:
 4256c62241515d6a3c6cbf0cb65e9249 15385544 debug optional gimp-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 20054d7ad85d4bf2ccdeaaff9225d263 22322 graphics optional gimp_2.10.18-1ubuntu0.1_s390x.buildinfo
 dbaf73909658617714410cbcbf0caae1 3833944 graphics optional gimp_2.10.18-1ubuntu0.1_s390x.deb
 9c86eb28155e4193238ac82a84ec8fd5 18126251 raw-translations - gimp_2.10.18-1ubuntu0.1_s390x_translations.tar.gz
 f144daa200525d3569e5e3f40214c52f 1333788 debug optional libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 04f5aecda1a97f28fbe7a6daac9ea3d4 18296 debug optional libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_s390x.ddeb
 0618c2408bd3cc761cc35ac4a4d10739 103120 libdevel optional libgimp2.0-dev_2.10.18-1ubuntu0.1_s390x.deb
 60614de99a68a75bfe2bd7e0f69d6e8e 387744 libs optional libgimp2.0_2.10.18-1ubuntu0.1_s390x.deb
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>