Mageia alert MGASA-2012-0360 (gimp) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0360: gimp-2.8.2-1.2.mga2 (2/core) 
Date:
    	       Tue, 11 Dec 2012 22:28:01 +0100
Message-ID:
    	       <20121211212801.GA24523@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2012-0360
Date: 	December 11th, 2012
Affected releases: 	2


Description:
Updated gimp packages fix security vulnerability:

GIMP 2.8.2 and earlier is vulnerable to memory corruption when reading
XWD
files, which could lead even to arbitrary code execution
(CVE-2012-5576).


Updated Packages:
gimp-2.8.2-1.2.mga2
gimp-python-2.8.2-1.2.mga2
lib(64)gimp2.0_0-2.8.2-1.2.mga2
lib(64)gimp2.0-devel-2.8.2-1.2.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576
http://lists.opensuse.org/opensuse-updates/2012-12/msg000...
https://bugs.mageia.org/show_bug.cgi?id=8326
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
(Log in to post comments)