Explore top 10 tips to secure your open-source projects now. Read More
×
This update for gimp fixes the following issues:
Changes in gimp:
- CVE-2026-58379: Fix PSP File Parsing Heap Buffer Overflow (bsc#1270299)
- CVE-2026-58380: Fix buffer overflow in pnmscanner_gettoken (bsc#1270444)
- CVE-2026-58381: Prevent double-freeing PSP layer name (bsc#1270239)
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-packagehub-422=1
- openSUSE Leap 16.0:
gimp-3.0.8-bp160.5.1
gimp-devel-3.0.8-bp160.5.1
gimp-extension-goat-excercises-3.0.8-bp160.5.1
gimp-lang-3.0.8-bp160.5.1
gimp-plugin-aa-3.0.8-bp160.5.1
gimp-plugin-python3-3.0.8-bp160.5.1
gimp-vala-3.0.8-bp160.5.1
libgimp-3_0-0-3.0.8-bp160.5.1
libgimpui-3_0-0-3.0.8-bp160.5.1
* bsc#1270239
* bsc#1270299
* bsc#1270444
References:
* https://www.suse.com/security/cve/CVE-2026-58379.html
* https://www.suse.com/security/cve/CVE-2026-58380.html
* https://www.suse.com/security/cve/CVE-2026-58381.html
Get the latest Linux and open source security news straight to your inbox.