Format: 1.8
Date: Tue, 28 Nov 2023 07:38:10 -0500
Source: gimp
Binary: gimp libgimp2.0 libgimp2.0-dev
Architecture: ppc64el ppc64el_translations
Version: 2.10.18-1ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-023.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gimp       - GNU Image Manipulation Program
 libgimp2.0 - Libraries for the GNU Image Manipulation Program
 libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
Launchpad-Bugs-Fixed: 1982422
Changes:
 gimp (2.10.18-1ubuntu0.1) focal-security; urgency=medium
 .
   [ Luís Infante da Câmara ]
   * SECURITY UPDATE: Buffer overflow leading to insufficient memory or
     program crash via a crafted XCF file (LP: #1982422)
     - debian/patches/CVE-2022-30067.patch: Stop loading paths and skip to
       the next property when xcf_old_path fails.
     - CVE-2022-30067
   * SECURITY UPDATE: Denial of service via a crafted XCF file
     (LP: #1982422)
     - debian/patches/CVE-2022-32990-1.patch: Check maximum dimensions when
       loading XCF files.
     - debian/patches/CVE-2022-32990-2.patch: Check for invalid offsets when
       loading XCF files.
     - debian/patches/CVE-2022-32990-3.patch: Return TRUE in
       gimp_channel_is_empty when channel is NULL.
     - CVE-2022-32990
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: DDS File Parsing Heap-based Buffer Overflow
     - debian/patches/CVE-2023-44441-1.patch: verify header information in
       plug-ins/file-dds/ddsread.c.
     - debian/patches/CVE-2023-44441-2.patch: fix checks in
       plug-ins/file-dds/ddsread.c.
     - debian/patches/CVE-2023-44441-3.patch: add additional fixes in
       plug-ins/file-dds/ddsread.c.
     - CVE-2023-44441
   * SECURITY UPDATE: PSD File Parsing Heap-based Buffer Overflow
     - debian/patches/CVE-2023-44442.patch: add missing break statement in
       plug-ins/file-psd/psd-util.c.
     - CVE-2023-44442
   * SECURITY UPDATE: PSP File Parsing Off-By-One
     - debian/patches/CVE-2023-44444.patch: fix buffer size in
       plug-ins/common/file-psp.c.
     - CVE-2023-44444
Checksums-Sha1:
 e9808e74778b8113f9878a7e833b7421c5567214 17593728 gimp-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 a876095a6ef2ac3522165b54b969a4b317d14fba 22513 gimp_2.10.18-1ubuntu0.1_ppc64el.buildinfo
 2a80891d0116cbe683090a7f4f599e07e8b26c78 5245096 gimp_2.10.18-1ubuntu0.1_ppc64el.deb
 25f70ac35459a844130ffdfdd9637816c3990736 18130027 gimp_2.10.18-1ubuntu0.1_ppc64el_translations.tar.gz
 9b3a88f0796799ae3a40ab40145f76cfb9a3c05c 1368208 libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 e59106b7fa0d6acd2b2295f12fba2af67549762c 21348 libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 579acdaea836b0986f5f9d605b8b85bb701fe74a 105380 libgimp2.0-dev_2.10.18-1ubuntu0.1_ppc64el.deb
 3c637409e0015a391066789cc9be803135bcc5f2 456332 libgimp2.0_2.10.18-1ubuntu0.1_ppc64el.deb
Checksums-Sha256:
 e44a3291bfa4147974e6326ba436557da9e845534a62c0b5453697d3e92a3831 17593728 gimp-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 0ac5bdd8b59661d7e085d022071d4fe1fa87fa875c8af0517e55d6aba85466fd 22513 gimp_2.10.18-1ubuntu0.1_ppc64el.buildinfo
 ba1de2f73176bf9cc85672f7c62418aee65eb2aea21b8bd401f12f55a1f94e2e 5245096 gimp_2.10.18-1ubuntu0.1_ppc64el.deb
 566d62b6ae3cb9fa90af63dc77c11956bdea90cf8f83840def04894a9d9e10cd 18130027 gimp_2.10.18-1ubuntu0.1_ppc64el_translations.tar.gz
 9870517c3de6ccc18850aed278abf603c404361054f1fc45b37d5f93ea35b6dc 1368208 libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 dfe275c77234f56b78501081e90fe082978b3d74e549654dc9db376bbb484892 21348 libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 3bea08496bed9e1097c7c8fb57739732df10279c7e04c50529f3ee4ffb1e3ee8 105380 libgimp2.0-dev_2.10.18-1ubuntu0.1_ppc64el.deb
 01a229539dbe285cc3e413c33d710ad4183a2fb9a53b4614f01e2df8d3ece750 456332 libgimp2.0_2.10.18-1ubuntu0.1_ppc64el.deb
Files:
 2344cead89706b2a7a47b0df31c0329f 17593728 debug optional gimp-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 89922f70706d30a5d0718d8958cc6d26 22513 graphics optional gimp_2.10.18-1ubuntu0.1_ppc64el.buildinfo
 9a2d6b57a074f60ca68d909e3f05f1fe 5245096 graphics optional gimp_2.10.18-1ubuntu0.1_ppc64el.deb
 34f0a1589d1e2046ae234e8236be2098 18130027 raw-translations - gimp_2.10.18-1ubuntu0.1_ppc64el_translations.tar.gz
 e9d49beccd4c63b0d0e604a5e2b34d67 1368208 debug optional libgimp2.0-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 7731aa6fecd2d09046a18cf657db656a 21348 debug optional libgimp2.0-dev-dbgsym_2.10.18-1ubuntu0.1_ppc64el.ddeb
 27d222cbdd5bce04bfe932de3731d6a9 105380 libdevel optional libgimp2.0-dev_2.10.18-1ubuntu0.1_ppc64el.deb
 429e139e8befba71e582aa34cd170be8 456332 libs optional libgimp2.0_2.10.18-1ubuntu0.1_ppc64el.deb
Original-Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>