[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
GIMP: Fix CVE-2016-4994
From: |
Leo Famulari |
Subject: |
GIMP: Fix CVE-2016-4994 |
Date: |
Fri, 1 Jul 2016 16:19:42 -0400 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
GIMP has a use-after-free bug related to XCF file parsing that allows
arbitrary code execution:
https://security-tracker.debian.org/tracker/CVE-2016-4994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994
This patch cherry-picks the upstream commit from the gimp-2-8 branch:
https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f
Leo Famulari (1):
gnu: gimp: Fix CVE-2016-4994.
gnu/local.mk | 1 +
gnu/packages/gimp.scm | 1 +
gnu/packages/patches/gimp-CVE-2016-4994.patch | 96 +++++++++++++++++++++++++++
3 files changed, 98 insertions(+)
create mode 100644 gnu/packages/patches/gimp-CVE-2016-4994.patch
0001-gnu-gimp-Fix-CVE-2016-4994.patch
Description: Text Data
- GIMP: Fix CVE-2016-4994,
Leo Famulari <=