{"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2022:7978","synopsis":"Moderate: gimp security and enhancement update","severity":"SEVERITY_MODERATE","topic":"An update for gimp is now available for Rocky Linux 9.\nRocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.","description":"The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.","solution":null,"affectedProducts":["Rocky Linux 9"],"fixes":[{"ticket":"2087591","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2087591","description":"CVE-2022-30067 gimp: buffer overflow through a crafted XCF file"},{"ticket":"2103202","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2103202","description":"CVE-2022-32990 gimp: unhandled exception via a crafted XCF file may lead to DoS"}],"cves":[{"name":"CVE-2022-30067","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-30067.json","cvss3ScoringVector":"CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:N\/A:H","cvss3BaseScore":"6.2","cwe":"CWE-252->CWE-770->CWE-120"},{"name":"CVE-2022-32990","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-32990.json","cvss3ScoringVector":"CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:N\/A:H","cvss3BaseScore":"5.5","cwe":"(CWE-393|CWE-755)->CWE-125"}],"references":[],"publishedAt":"2023-01-26T21:50:01.659387Z","rpms":{},"rebootSuggested":false,"buildReferences":[]}