[Git][security-tracker-team/security-tracker][master] Add new gimp issues

Fri, 26 Sep 2025 12:01:16 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
61855984 by Salvatore Bonaccorso at 2025-09-26T20:57:12+02:00
Add new gimp issues

Thanks: Sylvain Beucler

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,28 @@
+CVE-2025-10925 [ZDI-CAN-27793: GIMP ILBM File Parsing Stack-based Buffer 
Overflow Remote Code Execution Vulnerability]
+       - gimp <unfixed>
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14816
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2450
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/002b22c15028b18557bd0823a081af9ed5316679
+CVE-2025-10924 [ZDI-CAN-27836: GIMP FF File Parsing Integer Overflow Remote 
Code Execution Vulnerability]
+       - gimp <unfixed>
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14813
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2448
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/53b18653bca9404efeab953e75960b1cf7dedbed
+CVE-2025-10923 [ZDI-CAN-27878: GIMP WBMP File Parsing Integer Overflow Remote 
Code Execution Vulnerability]
+       - gimp <unfixed>
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14812
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2445
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/fb31ddf32298bb2f0f09b3ccc53464b8693a050e
+CVE-2025-10922 [ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer 
Overflow Remote Code Execution Vulnerability]
+       - gimp <unfixed>
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14811
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2444
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/0f309f9a8d82f43fa01383bc5a5c41d28727d9e3
+CVE-2025-10920 [ZDI-CAN-27684: GIMP ICNS File Parsing Out-Of-Bounds Write 
Remote Code Execution Vulnerability]
+       - gimp <unfixed>
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14818
+       NOTE: https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2443
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/5f4329d324b0db7a857918941ef7e1d27f3d3992
 CVE-2025-10921 [GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code 
Execution Vulnerability]
        - gegl <unfixed>
        NOTE: https://gitlab.gnome.org/GNOME/gegl/-/issues/430



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61855984495947edd2b0d9e0fbaee088a5716d49

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61855984495947edd2b0d9e0fbaee088a5716d49
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to