Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gimp for openSUSE:Factory checked in at 2026-01-28 15:05:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gimp (Old) and /work/SRC/openSUSE:Factory/.gimp.new.1928 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gimp" Wed Jan 28 15:05:28 2026 rev:163 rq:1329369 version:3.0.8 Changes: -------- --- /work/SRC/openSUSE:Factory/gimp/gimp.changes 2026-01-18 22:19:05.488169271 +0100 +++ /work/SRC/openSUSE:Factory/.gimp.new.1928/gimp.changes 2026-01-28 15:05:47.758626837 +0100 @@ -1,0 +2,105 @@ +Sun Jan 25 03:00:53 UTC 2026 - Marcus Rueckert <[email protected]> + +- Update to 3.0.8 + - Font Loading Performance + - Improvements in start-up time for users with a large number + of fonts was backported from our 3.2 RC2 release. As a + result, we now wait to load images until fonts are + initialized - this prevents some occasional odd displays and + other issues when an XCF file tried to access a partially + loaded font. + - Assorted updates and fixes + - Daniel Plakhotich helped us identify an issue when exporting + a lossless WEBP image could be affected by lossy settings + (such as Quality being less than 100%). We’ve updated our + WEBP plug-in to prevent this from happening. + - Thanks to Jehan‘s efforts, the standard gimp-3.0 executable + can now be run with a --no-interface flag instead of + requiring users to call gimp-console-3.0 even on devices with + no display. The --show-debug-menu flag is now visible as + well. + - programmer_ceds improved our flatpak by adding safe guards to + show the correct configuration directory regardless of + whether XDG_CONFIG_HOME is defined on the user’s system. This + should make it much easier for flatpak users to install and + use third party plug-ins. + - We fixed a rare but possible crash when using the Equalize + filter on images with NaN values. Images that contain these + are usually created from scientific or mapping data, so + you’re unlikely to come across them in standard editing. + - Jeremy Bicha fixed an internal issue where the wrong version + number could be used when installing minor releases (such as + the 3.2 release candidates and upcoming 3.2 stable release). + - As noted in our 3.2RC2 news post, we have updated our SVG + import code to improve the rendered path. + - Further improvements have been made to our non-destructive + filter code to improve stability, especially when copying and + pasting layers and images with filters attached to them. Some + issues related to applying NDE filters on Quick Masks have + also been corrected. + - An unintended Search pop-up that appeared when typing while + the Channels dockable was selected has been turned off. + - When saving XCFs for GIMP 2.10 compatibility, we + unintentionally saved Grid color using the new color format. + This caused errors when reopening the XCF in 2.10. This + problem has now been fixed! If you encounter any other XCF + incompatibility, please let us know. + - Themes and UX + - The Navigation and Selection Editor dockables no longer show + a large bright texture when no image is actively selected. + This was especially noticeable on dark themes. + - When a layer has no active filters, the Fx column had the + same “checkbox” outline when hovered over as the lock column. + This led to confusion about clicking it to add filters. We + have removed the outline on hover as a small step to help + address this. + - Ondřej Míchal fixed alignment and cut-off issues with the + buttons on our Transform tool overlays. All buttons should + now be properly centered and visible. + - The options for filling layers with colors when resizing the + canvas will be turned off when not relevant (such as when you + set layers to not be resized). + - More GUI elements such as dialog header icons will now + respond to your icon size preferences. + - Ondřej Míchal has continued his work to update our UI with + the more usable Spin Scale widget. He has also updated the + widget itself to improve how it works for users and + developers alike. + - Security fixes + - Jacob Boerema and Gabriele Barbero continued to patch + potential security issues related to some of our file format + plug-ins. In addition to existing fixes mentioned in the + release candidate news posts, the following exploits are now + prevented: ZDI-CAN-28232 ZDI-CAN-28265 ZDI-CAN-28530 + ZDI-CAN-28591 ZDI-CAN-28599 + - Another potential issue related to ICO files with incorrect + metadata was reported by Dhiraj. It does not have a CVE + number yet, but it has been fixed for GIMP 3.0.8. Jacob + Boerema also fixed a potential issue with loading Creator + blocks in Paintshop Pro PSP images. + - API + - For plug-in and script developers, a few new public APIs were + backported to GIMP 3.0.8. gimp_cairo_surface_get_buffer () + allows you to retrieve a GEGL buffer from a Cairo surface + (such as a text layer). Note that this deprecates + gimp_cairo_surface_create_buffer (). + - gimp_config_set_xcf_version () and + gimp_config_get_xcf_version () can be used to specify a + particular XCF version for a configuration. This will allow + you to have that data serialized/deserialized for certain + versions of GIMP if there were differences (such as the Grid + colors mentioned above). + - Fixes were made for retrieving image metadata via scripting. + GimpMetadata is now a visible child of GExiv2Metadata, so you + can use standard gexiv2 functions to retrieve information + from it. + - Original thumbnail metadata is also now removed on export to + prevent potential issues when exporting into a new format. +- drop patches included in the update + gimp-CVE-2025-14422.patch (bsc#1255293 CVE-2025-14422) + gimp-CVE-2025-14423.patch (bsc#1255294 CVE-2025-14423) + gimp-CVE-2025-14424.patch (bsc#1255295 CVE-2025-14424) + gimp-CVE-2025-14425.patch (bsc#1255296 CVE-2025-14425) + gimp-CVE-2025-15059.patch (bsc#1255766 CVE-2025-15059) + +------------------------------------------------------------------- Old: ---- gimp-3.0.6.tar.xz gimp-CVE-2025-14422.patch gimp-CVE-2025-14423.patch gimp-CVE-2025-14424.patch gimp-CVE-2025-14425.patch gimp-CVE-2025-15059.patch New: ---- gimp-3.0.8.tar.xz ----------(Old B)---------- Old:- drop patches included in the update gimp-CVE-2025-14422.patch (bsc#1255293 CVE-2025-14422) gimp-CVE-2025-14423.patch (bsc#1255294 CVE-2025-14423) Old: gimp-CVE-2025-14422.patch (bsc#1255293 CVE-2025-14422) gimp-CVE-2025-14423.patch (bsc#1255294 CVE-2025-14423) gimp-CVE-2025-14424.patch (bsc#1255295 CVE-2025-14424) Old: gimp-CVE-2025-14423.patch (bsc#1255294 CVE-2025-14423) gimp-CVE-2025-14424.patch (bsc#1255295 CVE-2025-14424) gimp-CVE-2025-14425.patch (bsc#1255296 CVE-2025-14425) Old: gimp-CVE-2025-14424.patch (bsc#1255295 CVE-2025-14424) gimp-CVE-2025-14425.patch (bsc#1255296 CVE-2025-14425) gimp-CVE-2025-15059.patch (bsc#1255766 CVE-2025-15059) Old: gimp-CVE-2025-14425.patch (bsc#1255296 CVE-2025-14425) gimp-CVE-2025-15059.patch (bsc#1255766 CVE-2025-15059) ----------(Old E)---------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gimp.spec ++++++ --- /var/tmp/diff_new_pack.7LOR0v/_old 2026-01-28 15:05:48.902674511 +0100 +++ /var/tmp/diff_new_pack.7LOR0v/_new 2026-01-28 15:05:48.902674511 +0100 @@ -85,7 +85,7 @@ %define pkg_name gimp Name: gimp -Version: 3.0.6 +Version: 3.0.8 Release: 0 %global pkg_version %{version} Summary: The GNU Image Manipulation Program @@ -100,16 +100,6 @@ Patch1: gimp-2.99.19-cm-system-monitor-profile-by-default.patch Patch2: gimp-2.99.19-external-help-browser.patch Patch3: gimp-2.99.19-no-phone-home-default.patch -# PATCH-FIX-UPSTREAM gimp-CVE-2025-15059.patch CVE-2025-15059 bsc#1255766 [email protected] -- vulnerability in file-psp -Patch4: gimp-CVE-2025-15059.patch -# PATCH-FIX-UPSTREAM gimp-CVE-2025-14422.patch bsc#1255293 [email protected] -- fix an overflow in the pnm parser. -Patch5: gimp-CVE-2025-14422.patch -# PATCH-FIX-UPSTREAM gimp-CVE-2025-14423.patch bsc#1255294 [email protected] -- fix an overflow parsing LBM files. -Patch6: gimp-CVE-2025-14423.patch -# PATCH-FIX-UPSTREAM gimp-CVE-2025-14424.patch bsc#1255295 [email protected] -- fix a use after free in the XCF parser. -Patch7: gimp-CVE-2025-14424.patch -# PATCH-FIX-UPSTREAM gimp-CVE-2025-14425.patch bsc#1255296 [email protected] -- fix an overflow when reading jp2 files. -Patch8: gimp-CVE-2025-14425.patch %if %{with debug_in_build_gimp} BuildRequires: gdb %endif @@ -152,6 +142,7 @@ BuildRequires: qoi-devel BuildRequires: xdg-utils BuildRequires: libbacktrace-devel +BuildRequires: pkgconfig(bash-completion) BuildRequires: pkgconfig(cfitsio) BuildRequires: pkgconfig(libjxl) >= %{libjxl_version} BuildRequires: pkgconfig(OpenEXR) >= %{OpenEXR_version} @@ -210,6 +201,7 @@ BuildRequires: python3-gobject BuildRequires: typelib-1_0-Babl-0_1 >= %{babl_version} BuildRequires: typelib-1_0-Gegl-0_4 >= %{gegl_version} +BuildRequires: typelib-1_0-GExiv2-0_10 >= %{gexiv2_version} %requires_eq gegl-0_4 Requires: gjs # Explicitly declare the libgimp versions for upgrade purposes @@ -225,6 +217,7 @@ Requires: xdg-utils Requires: typelib-1_0-Babl-0_1 >= %{babl_version} Requires: typelib-1_0-Gegl-0_4 >= %{gegl_version} +Requires: typelib-1_0-GExiv2-0_10 >= %{gexiv2_version} Recommends: %{name}-plugins-python3 = %{version} Recommends: iso-codes Suggests: AdobeICCProfiles @@ -481,6 +474,7 @@ %exclude %{_libdir}/gimp/3.0/plug-ins/file-aa %{_libdir}/girepository-1.0/Gimp-3.0.typelib %{_libdir}/girepository-1.0/GimpUi-3.0.typelib +%{_datadir}/bash-completion/completions/gimp-3.0 %files plugin-aa %{_libdir}/gimp/3.0/plug-ins/file-aa ++++++ gimp-3.0.6.tar.xz -> gimp-3.0.8.tar.xz ++++++ /work/SRC/openSUSE:Factory/gimp/gimp-3.0.6.tar.xz /work/SRC/openSUSE:Factory/.gimp.new.1928/gimp-3.0.8.tar.xz differ: char 26, line 1
