Branch sisyphus update bulletin.

Package gimp updated to version 2.8.22-alt1 for branch sisyphus in task 183573.

Published: 2007-06-08
Modified: 2024-11-21

CVE-2007-3126

Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237.

Severity: MEDIUM (5.0)

References:

43453
43453
20070607 Re: CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
20070607 Re: CSIS Advisory: Microsoft GDI+ Integer division by zero flaw handling .ICO files
https://bugzilla.gnome.org/show_bug.cgi?id=778604
https://bugzilla.gnome.org/show_bug.cgi?id=778604
gimp-ico-file-dos(34789)
gimp-ico-file-dos(34789)
https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7
https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7
https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/
https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/

Version: 2.1.0

Branch sisyphus update on 2017-05-31

ALT-BU-2017-3149-1

ALT-PU-2017-1669-1

Closed vulnerabilities

CVE-2007-3126