Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Slackware 15.0: SSA:2023-320-01 Critical: Gimp Software Update

slackware
Calendar Grey November 16, 2023
Dist Slackware Esm H88
Gimp upgrade for Slackware 15.0 resolves significant vulnerabilities, enhancing user protection and program reliability.
New gimp packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gimp-2.10.36-i586-1_slack15.0.txz: Upgraded. This release fixes security issues: If a user loads a malicious DDS, PSD, or PSP file, this could result in a program crash or possibly the execution of arbitrary code. Please note that this package also requires the updated gegl package. Thanks to henca for the heads-up. For more information, see: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/ https://www.zerodayinitiative.com/advisories/ZDI-23-1591/ https://www.zerodayinitiative.com/advisories/ZDI-23-1592/ https://www.zerodayinitiative.com/advisories/ZDI-23-1593/ https://www.zerodayinitiative.com/advisories/ZDI-23-1594/ https://www.cve.org/CVERecord?id=CVE-2023-44441 https://www.cve.org/CVERecord?id=CVE-2023-44442 https://www.cve.org/CVERecord?id=CVE-2023-44443 https://www.cve.org/CVERecord?id=CVE-2023-44444 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical software update slackware execution risk gimp program crash

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/gimp-2.10.36-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 15.0 package: 405c519ddcdd8b84299315dd567c014e gimp-2.10.36-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 03365737f0bfbe3bb2307b6b4670610b gimp-2.10.36-x86_64-1_slack15.0.txz
Slackware -current package: 2e4fd2a98e7b7f5cb3fa70242accd547 xap/gimp-2.10.36-i586-1.txz
Slackware x86_64 -current package: 1935e4ebc9980f687283785870ae3812 xap/gimp-2.10.36-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical software update slackware execution risk gimp program crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg gimp-2.10.36-i586-1_slack15.0.txz

Your message here