Fedora alert FEDORA-2026-3e21dad421 (gimp)
| From: | updates--- via package-announce <package-announce@lists.fedoraproject.org> | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 43 Update: gimp-3.0.8-5.fc43 | |
| Date: | Sun, 01 Mar 2026 00:53:39 +0000 | |
| Message-ID: | <20260301005339.C14E76FEFD@bastion01.rdu3.fedoraproject.org> | |
| Archive-link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3e21dad421 2026-03-01 00:52:28.948310+00:00 -------------------------------------------------------------------------------- Name : gimp Product : Fedora 43 Version : 3.0.8 Release : 5.fc43 URL : https://www.gimp.org Summary : GNU Image Manipulation Program Description : GIMP (GNU Image Manipulation Program) is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for web pages. GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. -------------------------------------------------------------------------------- Update Information: This is a security update fixing the loader for PSD files. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2026 Nils Philippsen <nils@tiptoe.de> - 2:3.0.8-5 - Fix overflows and crashes in the PSD loader -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437677 - CVE-2026-2239 gimp: GIMP: Denial of Service via crafted PSD file due to heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437677 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3e21dad421' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond... List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-ann... Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new