Описание
Security update for gimp
This update for gimp fixes the following issues:
- CVE-2025-48797: Fixed two buffer over-reads and one heap-based buffer overflow in its TGA parser (bsc#1243711).
- CVE-2025-48798: Fixed two use-after-free bugs and one double free bug in its XCF parser (bsc#1243712).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP6
gimp-2.10.30-150400.3.20.1
gimp-devel-2.10.30-150400.3.20.1
gimp-lang-2.10.30-150400.3.20.1
gimp-plugin-aa-2.10.30-150400.3.20.1
libgimp-2_0-0-2.10.30-150400.3.20.1
libgimpui-2_0-0-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP7
gimp-2.10.30-150400.3.20.1
gimp-devel-2.10.30-150400.3.20.1
gimp-lang-2.10.30-150400.3.20.1
gimp-plugin-aa-2.10.30-150400.3.20.1
libgimp-2_0-0-2.10.30-150400.3.20.1
libgimpui-2_0-0-2.10.30-150400.3.20.1
SUSE Linux Enterprise Workstation Extension 15 SP6
gimp-2.10.30-150400.3.20.1
gimp-devel-2.10.30-150400.3.20.1
gimp-lang-2.10.30-150400.3.20.1
libgimp-2_0-0-2.10.30-150400.3.20.1
libgimpui-2_0-0-2.10.30-150400.3.20.1
SUSE Linux Enterprise Workstation Extension 15 SP7
gimp-2.10.30-150400.3.20.1
gimp-devel-2.10.30-150400.3.20.1
gimp-lang-2.10.30-150400.3.20.1
libgimp-2_0-0-2.10.30-150400.3.20.1
libgimpui-2_0-0-2.10.30-150400.3.20.1
openSUSE Leap 15.6
gimp-2.10.30-150400.3.20.1
gimp-devel-2.10.30-150400.3.20.1
gimp-lang-2.10.30-150400.3.20.1
gimp-plugin-aa-2.10.30-150400.3.20.1
libgimp-2_0-0-2.10.30-150400.3.20.1
libgimp-2_0-0-32bit-2.10.30-150400.3.20.1
libgimpui-2_0-0-2.10.30-150400.3.20.1
libgimpui-2_0-0-32bit-2.10.30-150400.3.20.1
Ссылки
- Link for SUSE-SU-2025:02164-1
- E-Mail link for SUSE-SU-2025:02164-1
- SUSE Security Ratings
- SUSE Bug 1243711
- SUSE Bug 1243712
- SUSE CVE CVE-2025-48797 page
- SUSE CVE CVE-2025-48798 page
Описание
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-devel-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-lang-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-plugin-aa-2.10.30-150400.3.20.1
Ссылки
- CVE-2025-48797
- SUSE Bug 1243711
Описание
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-devel-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-lang-2.10.30-150400.3.20.1
SUSE Linux Enterprise Module for Package Hub 15 SP6:gimp-plugin-aa-2.10.30-150400.3.20.1
Ссылки
- CVE-2025-48798
- SUSE Bug 1243712