Описание
Security update for gimp
gimp was updated to version 2.8.16 to fix one security issue.
This security issue was fixed:
- CVE-2016-4994: Use-after-free vulnerabilities in the channel and layer properties parsing process (bsc#986021).
This non-security issues were fixed:
- Core:
- Seek much less when writing XCF
- Don't seek past the end of the file when writing XCF
- Fix velocity parameter on .GIH brushes
- Fix brokenness while transforming certain sets of linked layers
- GUI:
- Always show image tabs in single window mode
- Fix switching of dock tabs by DND hovering
- Don't make the scroll area for tags too small
- Fixed a crash in the save dialog
- Fix issue where ruler updates made things very slow on Windows -Plug-ins:
- Fix several issues in the BMP plug-in
- Make Gfig work with the new brush size behavior again
- Fix font export in the PDF plug-in
- Support layer groups in OpenRaster files
- Fix loading of PSD files with layer groups
Список пакетов
openSUSE Leap 42.1
gimp-2.8.16-4.1
gimp-devel-2.8.16-4.1
gimp-help-browser-2.8.16-4.1
gimp-lang-2.8.16-4.1
gimp-plugin-aa-2.8.16-4.1
gimp-plugins-python-2.8.16-4.1
libgimp-2_0-0-2.8.16-4.1
libgimp-2_0-0-32bit-2.8.16-4.1
libgimpui-2_0-0-2.8.16-4.1
libgimpui-2_0-0-32bit-2.8.16-4.1
Ссылки
- E-Mail link for openSUSE-SU-2016:1727-1
- SUSE Security Ratings
Описание
Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file.
Затронутые продукты
openSUSE Leap 42.1:gimp-2.8.16-4.1
openSUSE Leap 42.1:gimp-devel-2.8.16-4.1
openSUSE Leap 42.1:gimp-help-browser-2.8.16-4.1
openSUSE Leap 42.1:gimp-lang-2.8.16-4.1
Ссылки
- CVE-2016-4994
- SUSE Bug 986021