[Git][security-tracker-team/security-tracker][master] Add new gimp issues

Wed, 24 Dec 2025 00:31:14 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
42ed937b by Salvatore Bonaccorso at 2025-12-24T09:30:25+01:00
Add new gimp issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -125,13 +125,21 @@ CVE-2025-14489 (RealDefense SUPERAntiSpyware Exposed 
Dangerous Function Local Pr
 CVE-2025-14488 (RealDefense SUPERAntiSpyware Exposed Dangerous Function Local 
Privileg ...)
        TODO: check
 CVE-2025-14425 (GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code 
Execution ...)
-       TODO: check
+       - gimp 3.2.0~RC2-1
+       NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1139/
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd
 (GIMP_3_2_0_RC1)
 CVE-2025-14424 (GIMP XCF File Parsing Use-After-Free Remote Code Execution 
Vulnerabili ...)
-       TODO: check
+       - gimp 3.2.0~RC2-1
+       NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1138/
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/5cc55d078b7fba995cef77d195fac325ee288ddd
 (GIMP_3_2_0_RC1)
 CVE-2025-14423 (GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code 
Executio ...)
-       TODO: check
+       - gimp 3.2.0~RC2-1
+       NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1137/
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/481cdbbb97746be1145ec3a633c567a68633c521
 (GIMP_3_2_0_RC2)
 CVE-2025-14422 (GIMP PNM File Parsing Integer Overflow Remote Code Execution 
Vulnerabi ...)
-       TODO: check
+       - gimp 3.2.0~RC2-1
+       NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-1136/
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb
 (GIMP_3_2_0_RC2)
 CVE-2025-14421 (pdfforge PDF Architect PDF File Parsing Out-Of-Bounds Read 
Information ...)
        TODO: check
 CVE-2025-14420 (pdfforge PDF Architect CBZ File Parsing Directory Traversal 
Remote Cod ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42ed937b025a4875a59496080ca8eaceb79d8a27

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42ed937b025a4875a59496080ca8eaceb79d8a27
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to