[CLSA-2026:1784021937] gimp: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-14 10:37:22 UTC
Description:
- CVE-2026-58380: fix out-of-bounds write in PNM parser by keeping the pnmscanner_gettoken NUL terminator within bufsize - 1 - CVE-2026-58384: fix integer overflow in PSD read_RLE_channel row-length allocation with a g_size_checked_mul guard against G_MAXUINT32
Updated packages:
  • gimp-2.99.8-4.el9.2.tuxcare.els12.x86_64.rpm
    sha:f557f7ef561da0c81016c58c38a28094599e7f74497de5213f75079e9093ccfd
  • gimp-devel-2.99.8-4.el9.2.tuxcare.els12.x86_64.rpm
    sha:bcc50d112ce5d6d3217c82c4be2f5304545d5d58860c15d7985c503179c4cf02
  • gimp-devel-tools-2.99.8-4.el9.2.tuxcare.els12.x86_64.rpm
    sha:d48a6b40e3f916d28d4f2b71ed3fa84ea6a2898de68782e778061e403593921c
  • gimp-libs-2.99.8-4.el9.2.tuxcare.els12.i686.rpm
    sha:48e9c4c343e0b57a370e37200a0c6e976996b3ad0cded62c1ac0ee528d2da97f
  • gimp-libs-2.99.8-4.el9.2.tuxcare.els12.x86_64.rpm
    sha:39a9cc52c9b59c793156ca97e1c6d53e8683301f252760270355643c3e42f300
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.