Debian alert DLA-4483-1 (gimp)
| From: | Thorsten Alteholz <debian@alteholz.de> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 4483-1] gimp security update | |
| Date: | Wed, 18 Feb 2026 18:32:59 +0000 | |
| Message-ID: | <aeb7e6c0-36b-da37-a0f9-e4e19afa145b@alteholz.de> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4483-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Thorsten Alteholz February 18, 2026 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : gimp Version : 2.10.22-4+deb11u6 CVE ID : CVE-2025-15059 CVE-2026-2239 CVE-2026-2271 CVE-2026-2272 Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service or potentially the execution of arbitrary code if malformed PSD, PSP or ICO files are opened. For Debian 11 bullseye, these problems have been fixed in version 2.10.22-4+deb11u6. We recommend that you upgrade your gimp packages. For the detailed security status of gimp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gimp Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmmWBdtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdsABAAw4K+lyyY+Wm9rojLhXlit49vzSDA8xfCpjFWNAXRpxNU0okKGwK+ZLz+ QsL2124Bl4tR9ADVlZjcDvg+RTDM2tVHIIFkH4SdXVhOmX+YLEke18LcFbU1hHXS 6Do5U5m2yUCZLdISoRSoOKdIfFWxLJhwQhEUi6pO1T8xbeOIEiFdN8JV3cR6qFt1 4vu6cEYw04B574gJiQfIBGlZf0QhnTZ5FCY1zsVBehMgLvfns2ZFnN2tQZv/cmca RnzSgPov6/Q2Yl/OeLbvpiDBNlg3UD/616CCoYme6eyoENM0Uc2yBKDr0sKqTyz7 4g/bqDUM3unf1W+4l881Iu/WMxHtH8PbUDG1UQcfNPTJ/ZlXdlHbwopSmQGDUraX gKQyQepXOPFIBlag2T1ABxEPsL02Ag1gd//ps31rhKCmrAUPSI1Q7z2KcvexpvqB ojyVsFx/6vljcjKctRH0ODdxtVMz5FcRhoVMwwR87AJGgUw1xslV2jUKw8E5JdxT VaFV/qXMf59WCFdXq3eDR+PykCbHTWwSl8lqJ9zt5cBnZxbhr9zA/FvZ627x0+1w 783pFMKUqzKxX+8MlfeJ2OKk704lSAE9Gc2kiP07CbkiGdI8tBqHAyt6E45Qr/Y1 DxeBOdIrxsylJZtjZWUPc50U3yRGAeau0bgje97Aqgxi6GkYOoI= =CpNh -----END PGP SIGNATURE-----