Synopsis: Moderate: gimp security, bug fix, and enhancement update
Advisory ID: SLSA-2016:2589-2
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-4994
—
The following packages have been upgraded to a newer upstream version:
gimp (2.8.16), gimp-help (2.8.2).
Security Fix(es):
* Multiple use-after-free vulnerabilities were found in GIMP in the
channel and layer properties parsing process when loading XCF files. An
attacker could create a specially crafted XCF file which could cause GIMP
to crash. (CVE-2016-4994)
Additional Changes:
—
SL7
x86_64
gimp-2.8.16-3.el7.x86_64.rpm
gimp-debuginfo-2.8.16-3.el7.i686.rpm
gimp-debuginfo-2.8.16-3.el7.x86_64.rpm
gimp-libs-2.8.16-3.el7.i686.rpm
gimp-libs-2.8.16-3.el7.x86_64.rpm
gimp-devel-2.8.16-3.el7.i686.rpm
gimp-devel-2.8.16-3.el7.x86_64.rpm
gimp-devel-tools-2.8.16-3.el7.x86_64.rpm
noarch
gimp-help-2.8.2-1.el7.noarch.rpm
gimp-help-ca-2.8.2-1.el7.noarch.rpm
gimp-help-da-2.8.2-1.el7.noarch.rpm
gimp-help-de-2.8.2-1.el7.noarch.rpm
gimp-help-el-2.8.2-1.el7.noarch.rpm
gimp-help-en_GB-2.8.2-1.el7.noarch.rpm
gimp-help-es-2.8.2-1.el7.noarch.rpm
gimp-help-fr-2.8.2-1.el7.noarch.rpm
gimp-help-it-2.8.2-1.el7.noarch.rpm
gimp-help-ja-2.8.2-1.el7.noarch.rpm
gimp-help-ko-2.8.2-1.el7.noarch.rpm
gimp-help-nl-2.8.2-1.el7.noarch.rpm
gimp-help-nn-2.8.2-1.el7.noarch.rpm
gimp-help-pt_BR-2.8.2-1.el7.noarch.rpm
gimp-help-ru-2.8.2-1.el7.noarch.rpm
gimp-help-sl-2.8.2-1.el7.noarch.rpm
gimp-help-sv-2.8.2-1.el7.noarch.rpm
gimp-help-zh_CN-2.8.2-1.el7.noarch.rpm
– Scientific Linux Development Team
