[El-errata] ELSA-2007-0513 Moderate: Enterprise Linux 5 gimp security update

el-errata at oss.oracle.com
Wed Sep 26 15:48:14 PDT 2007


Enterprise Linux Security Advisory ELSA-2007-0513

https://rhn.redhat.com/errata/RHSA-2007-0513.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
gimp-2.2.13-2.0.7.el5.i386.rpm
gimp-devel-2.2.13-2.0.7.el5.i386.rpm
gimp-libs-2.2.13-2.0.7.el5.i386.rpm

x86_64:
gimp-2.2.13-2.0.7.el5.x86_64.rpm
gimp-devel-2.2.13-2.0.7.el5.i386.rpm
gimp-devel-2.2.13-2.0.7.el5.x86_64.rpm
gimp-libs-2.2.13-2.0.7.el5.i386.rpm
gimp-libs-2.2.13-2.0.7.el5.x86_64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/gimp-2.2.13-2.0.7.el5.src.rpm

Description of changes:

[2.2.13-2.0.7]
- validate bytesperline header field when loading PCX files (#247573)

[2.2.13-2.0.6]
- replace gimp_error() by gimp_message()/gimp_quit() in a few plugins so they
  don't crash but gracefully exit when encountering error conditions
- fix endianness issues in the PSP plugin to avoid it doing (seemingly) endless
  loops when loading images
- fix endianness issues in the PCX plugin which cause it to not detect corrupt
  images

[2.2.13-2.0.5]
- add safeguard to avoid crashes while loading corrupt PSD images (#247573,
  patch by Raphaël Quinet)

[2.2.13-2.0.4]
- don't divide by zero when loading a layer or mask with zero width or height
  when loading PSD images (#247573, patch by Sven Neumann)

[2.2.13-2.0.3]
- add ChangeLog entry to psd-invalid-dimensions patch (#247573)
- validate size values read from files before using them to allocate memory in
  various file plugins (#247573, patch by Mukund Sivaraman and Raphaël Quinet)
- detect invalid image data when reading files in several plugins (#247573,
  patch by Sven Neumann and Raphaël Quinet)
- validate size values read from files before using them to allocate memory in
  the PSD and sunras plugins (#247573, patch by Mukund Sivaraman)
- don't let gimp-plugin-mgr --uninstall fail %post scriptlet
- convert spec file to UTF-8

[2.2.13-2.0.2]
- use upstream PSD fix by Sven Neumann (#244409)

[2.2.13-2.0.1]
- refuse to open PSD files with insanely large dimensions (#244409)
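
The PCX items in the changelog above (validating bytesperline, and reading header fields independently of host endianness) can be illustrated as follows. This is an added example, not the GIMP patch or Oracle's code; the function names and the accepted ranges for bits per pixel and planes are assumptions, and the header it checks is constructed, not taken from a real file.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PCX_HEADER_SIZE 128

/* Read a little-endian 16-bit field byte by byte: same result on any host. */
static unsigned le16(const uint8_t *p) { return p[0] | ((unsigned)p[1] << 8); }

/* Bytes needed for the decoded scanlines, or 0 if the header is inconsistent. */
size_t pcx_checked_size(const uint8_t *hdr, size_t len)
{
    if (len < PCX_HEADER_SIZE || hdr[0] != 0x0A)   /* 0x0A = PCX magic */
        return 0;
    unsigned bpp = hdr[3], planes = hdr[65];
    unsigned xmin = le16(hdr + 4), ymin = le16(hdr + 6);
    unsigned xmax = le16(hdr + 8), ymax = le16(hdr + 10);
    unsigned bytesperline = le16(hdr + 66);
    /* Assumed limits for this example: 1..4 planes, 1/2/4/8 bits per pixel. */
    if (xmax < xmin || ymax < ymin || planes == 0 || planes > 4)
        return 0;
    if (bpp != 1 && bpp != 2 && bpp != 4 && bpp != 8)
        return 0;
    size_t width = (size_t)(xmax - xmin) + 1, height = (size_t)(ymax - ymin) + 1;
    /* Each plane of a scanline must hold at least width * bpp bits. */
    if (bytesperline < (width * bpp + 7) / 8)
        return 0;
    size_t row = (size_t)bytesperline * planes;
    if (height > SIZE_MAX / row)        /* refuse sizes that would wrap */
        return 0;
    return row * height;
}

/* Build a constructed header (not from a real file) and run the check. */
size_t pcx_sample_size(unsigned xmax, unsigned ymax, unsigned bpp,
                       unsigned planes, unsigned bpl)
{
    uint8_t h[PCX_HEADER_SIZE];
    memset(h, 0, sizeof h);
    h[0] = 0x0A; h[1] = 5; h[2] = 1; h[3] = (uint8_t)bpp; h[65] = (uint8_t)planes;
    h[8] = xmax & 0xFF;  h[9] = (xmax >> 8) & 0xFF;
    h[10] = ymax & 0xFF; h[11] = (ymax >> 8) & 0xFF;
    h[66] = bpl & 0xFF;  h[67] = (bpl >> 8) & 0xFF;
    return pcx_checked_size(h, sizeof h);
}

int main(void)
{
    printf("%zu %zu\n", pcx_sample_size(639, 479, 8, 1, 640),
           pcx_sample_size(639, 479, 8, 1, 16));
    return 0;
}
```

A loader would call a check of this kind before allocating the scanline buffer, so that a short bytesperline is rejected instead of being used as a row stride.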




