GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Fri Sep 28, 2012 12:26 pm Post subject: [ GLSA 201209-23 ] GIMP: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: GIMP: Multiple vulnerabilities (GLSA 201209-23)
Severity: normal
Exploitable: remote
Date: September 28, 2012
Bug(s): #293127, #350915, #372975, #379289, #418425, #432582
ID: 201209-23
Synopsis
Multiple vulnerabilities have been found in GIMP, the worst of
which allow execution of arbitrary code or Denial of Service.
Background
GIMP is the GNU Image Manipulation Program.
Affected Packages
Package: media-gfx/gimp
Vulnerable: < 2.6.12-r2
Unaffected: >= 2.6.12-r2
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in GIMP. Please review the
CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All GIMP users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/gimp-2.6.12-r2"
|
References
CVE-2009-1570
CVE-2009-3909
CVE-2010-4540
CVE-2010-4541
CVE-2010-4542
CVE-2010-4543
CVE-2011-1178
CVE-2011-2896
CVE-2012-2763
CVE-2012-3402 |
|