Package: gimp Version: 2.10.34-1+deb12u2 Severity: critical Tags: upstream Justification: breaks the whole system X-Debbugs-Cc: debbug.g...@sideload.33mail.com Control: affects -1 sway xwayland
A source document was scanned as a grayscale PNG file. It was loaded into GIMP, cropped, and followed by a “Layer » Layer to Image Size” operation. No problems so far (and likely irrelevent - it’s just my typical workflow FWIW). Opened “Colors » Threshold…”. Some images have an interesting graph to help determine where to move the slider and some just have an empty graph. This may not be related but I noticed that both times spaz’d out it was when an image had an empty graph (or nearly empty). As soon as the slider is moved, *both* screens on a dual headed machine go black for ~1½ seconds then pop back on. GIMP is only ever present one of the two displays, never spread out. On one occassion, the system froze for a few seconds before the cursor could move again. On another occasion, the keyboard and mouse were permanently frozen. I walked away from the machine for ~5 minutes or so to give it time to unfreeze, but it never unfroze. I was ultimately forced to physically force a power down of the whole system. It would have been catastrophic if I had unsaved work in any application. GIMP’s tendency to affect other apps also manifests in another way (though less extreme). When GIMP is full screen on one display and emacs is full screen on the other display, if I click on a menu like Colors, leave the menu list open and move the mouse cursor out of GIMP and onto the emacs window, the emacs window takes focus as expected but GIMP fights to keep control of the keyboard. When I type a few keys, the first character appears in the emacs buffer but GIMP seems to react to all keys pressed when emacs is in focus. Emacs only receives the first key but GIMP acts on all keys pressed. When this fight for keyboard control is occurring, both displays go all black for ~1½ seconds before restoring and the mouse is frozen for a second or two after that. Sometimes the GIMP popup window (triggered by the keys pressed in emacs) flickers wildly with different buttons in the window flickering as well. I click cancel to end the madness. So far in that case the system goes back to normal. But the behaviour is similar to when the threshold slider is moved so it appears to be ultimately associated to the same problem. This is on Wayland with Sway running. A similar but different bug was reported here: https://gitlab.gnome.org/GNOME/gimp/-/issues/11275 Paulo Crepaldi called it a “crash” not a freeze, and that was on Windows while my experience was on Debian. These bugs could be related but possibly not. Without more certainty, I did not tag this bug as forwarded upstream. There is also a security problem here. In principle, what if a user were to leave GIMP to enter a password in another app? GIMP should not have access to the keyboard when it is not in focus. This security flaw is not in GIMP, but rather in Wayland or Sway and GIMP is merely demonstrating how an unfocused app can eavesdrop on the keystrokes. The upstream bug tracker blocks registration by pushing a broken CAPTCHA, so I am unable to report this upstream. -- System Information: Debian Release: 12.5 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-28-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gimp depends on: ii gimp-data 2.10.34-1+deb12u2 ii graphviz 2.42.2-7+b3 ii libaa1 1.4p5-50 ii libbabl-0.1-0 1:0.1.98-1+b1 ii libbz2-1.0 1.0.8-5+b1 ii libc6 2.36-9+deb12u7 ii libcairo2 1.16.0-7 ii libfontconfig1 2.14.1-4 ii libfreetype6 2.12.1+dfsg-5 ii libgcc-s1 12.2.0-14 ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1 ii libgegl-0.4-0 1:0.4.42-2 ii libgexiv2-2 0.14.0-1+b1 ii libgimp2.0 2.10.34-1+deb12u2 ii libglib2.0-0 2.74.6-2+deb12u2 ii libgs10 10.0.0~dfsg-11+deb12u3 ii libgtk2.0-0 2.24.33-2 ii libgudev-1.0-0 237-2 ii libharfbuzz0b 6.0.0+dfsg-3 ii libheif1 1.15.1-1 ii libjpeg62-turbo 1:2.1.5-2 ii libjson-glib-1.0-0 1.6.6-1 ii libjxl0.7 0.7.0-10 ii liblcms2-2 2.14-2 ii liblzma5 5.4.1-0.2 ii libmng1 1.0.10+dfsg-3.1+b5 ii libmypaint-1.5-1 1.6.0-2 ii libopenexr-3-1-30 3.1.5-5 ii libopenjp2-7 2.5.0-2 ii libpango-1.0-0 1.50.12+ds-1 ii libpangocairo-1.0-0 1.50.12+ds-1 ii libpangoft2-1.0-0 1.50.12+ds-1 ii libpng16-16 1.6.39-2 ii libpoppler-glib8 22.12.0-2+b1 ii librsvg2-2 2.54.7+dfsg-1~deb12u1 ii libstdc++6 12.2.0-14 ii libtiff6 4.5.0-6+deb12u1 ii libwebp7 1.2.4-0.2+deb12u1 ii libwebpdemux2 1.2.4-0.2+deb12u1 ii libwebpmux3 1.2.4-0.2+deb12u1 ii libwmf-0.2-7 0.2.12-5.1 ii libwmflite-0.2-7 0.2.12-5.1 ii libx11-6 2:1.8.4-2+deb12u2 ii libxcursor1 1:1.2.1-1 ii libxext6 2:1.3.4-1+b1 ii libxfixes3 1:6.0.0-2 ii libxmu6 2:1.1.3-3 ii libxpm4 1:3.5.12-1.1+deb12u1 ii xdg-utils 1.1.3-4.1 ii zlib1g 1:1.2.13.dfsg-1 Versions of packages gimp recommends: ii ghostscript 10.0.0~dfsg-11+deb12u3 Versions of packages gimp suggests: pn gimp-data-extras <none> ii gimp-help-en [gimp-help] 2.10.34-2 pn gvfs-backends <none> ii libasound2 1.2.8-1+b1 -- no debconf information
