Slackware: 2023-320-01: gimp Security Update
Summary
Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gimp-2.10.36-i586-1_slack15.0.txz: Upgraded. This release fixes security issues: If a user loads a malicious DDS, PSD, or PSP file, this could result in a program crash or possibly the execution of arbitrary code. Please note that this package also requires the updated gegl package. Thanks to henca for the heads-up. For more information, see: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/ https://www.zerodayinitiative.com/advisories/ZDI-23-1591/ https://www.zerodayinitiative.com/advisories/ZDI-23-1592/ https://www.zerodayinitiative.com/advisories/ZDI-23-1593/ https://www.zerodayinitiative.com/advisories/ZDI-23-1594/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444 (* Security fix *)
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/gimp-2.10.36-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:
MD5 Signatures
Slackware 15.0 package:
405c519ddcdd8b84299315dd567c014e gimp-2.10.36-i586-1_slack15.0.txz
Slackware x86_64 15.0 package:
03365737f0bfbe3bb2307b6b4670610b gimp-2.10.36-x86_64-1_slack15.0.txz
Slackware -current package:
2e4fd2a98e7b7f5cb3fa70242accd547 xap/gimp-2.10.36-i586-1.txz
Slackware x86_64 -current package:
1935e4ebc9980f687283785870ae3812 xap/gimp-2.10.36-x86_64-1.txz
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg gimp-2.10.36-i586-1_slack15.0.txz