VYPR

rpm package

suse/gimp&distro=SUSE Linux Enterprise Software Development Kit 12 SP4

pkg:rpm/suse/gimp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4

Vulnerabilities (3)

  • CVE-2017-17788MedDec 20, 2017
    affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1

    In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string.

  • CVE-2017-17786HigDec 20, 2017
    affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1

    In GIMP 2.8.22, there is a heap-based buffer over-read in ReadImage in plug-ins/common/file-tga.c (related to bgr2rgb.part.1) via an unexpected bits-per-pixel value for an RGBA image.

  • CVE-2017-17785HigDec 20, 2017
    affected < 2.8.18-9.8.1fixed 2.8.18-9.8.1

    In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.