ubuntustudio-bugs team mailing list archive
-
ubuntustudio-bugs team
-
Mailing list archive
-
Message #05724
[Bug 1690544] Re: include proper fix for CVE-2007-3126, released in GIMP 2.8.22
** Changed in: gimp
Status: Unknown => Fix Released
** Changed in: gimp
Importance: Unknown => Medium
--
You received this bug notification because you are a member of Ubuntu
Studio Bugs, which is subscribed to gimp in Ubuntu.
Matching subscriptions: Ubuntu Studio Bugs
https://bugs.launchpad.net/bugs/1690544
Title:
include proper fix for CVE-2007-3126, released in GIMP 2.8.22
Status in The Gimp:
Fix Released
Status in gimp package in Ubuntu:
New
Bug description:
The GIMP developers announced at https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/ that version 2.8.22 finally includes a proper fix for the ancient ICO file import crash CVE-2007-3126.
The fix should thus either be back-ported or GIMP bumped to 2.8.22 for supported Ubuntu versions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/gimp/+bug/1690544/+subscriptions
References