[SECURITY] Fedora 14 Update: gimp-2.6.11-14.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Tue Jun 7 04:29:43 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-7393
2011-05-25 01:54:56
--------------------------------------------------------------------------------
Name : gimp
Product : Fedora 14
Version : 2.6.11
Release : 14.fc14
URL : http://www.gimp.org/
Summary : GNU Image Manipulation Program
Description :
GIMP (GNU Image Manipulation Program) is a powerful image composition and
editing program, which can be extremely useful for creating logos and other
graphics for webpages. GIMP has many of the tools and filters you would expect
to find in similar commercial offerings, and some interesting extras as well.
GIMP provides a large image manipulation toolbox, including channel operations
and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all
with multi-level undo.
--------------------------------------------------------------------------------
Update Information:
This update fixes buffer overflows in the PSP (CVE-2010-4543, CVE-2011-1782), sphere-designer (CVE-2010-4541), gfig (CVE-2010-4542) and lighting (CVE-2010-4540) plugins.
--------------------------------------------------------------------------------
ChangeLog:
* Mon May 23 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-14
- fix buffer overflows in sphere-designer (CVE-2010-4541),
gfig (CVE-2010-4542), lighting (CVE-2010-4540) plugins
* Mon May 23 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-13
- harden PSP plugin against bogus input data (CVE-2010-4543, CVE-2011-1782)
* Sat May 7 2011 Christopher Aillon <caillon at redhat.com> - 2:2.6.11-12
- Update desktop database, icon cache scriptlets
* Fri May 6 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-11
- simplify poppler-0.17 patch to avoid adding to libgimp (#698157)
* Wed May 4 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-10
- don't use poppler/gdk_pixbuf API removed in poppler >= 0.17 (#698157)
- remove obsolete configure options
* Tue Mar 15 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-9
- don't use HAL from F-16/RHEL-7 on
- explicitly use GIO/GVFS rather than gnome-vfs
* Sun Mar 13 2011 Marek Kasik <mkasik at redhat.com> - 2:2.6.11-8
- Rebuild (poppler-0.16.3)
* Tue Feb 8 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2:2.6.11-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Feb 2 2011 Nils Philippsen <nils at redhat.com> - 2:2.6.11-6
- avoid traceback in pyslice plugin (#667958)
* Sat Jan 1 2011 Rex Dieter <rdieter at fedoraproject.org> - 2:2.6.11-5
- rebuild (poppler)
* Wed Dec 15 2010 Rex Dieter <rdieter at fedoraproject.org> - 2:2.6.11-4
- rebuild (poppler)
* Tue Nov 9 2010 Nils Philippsen <nils at redhat.com> - 2:2.6.11-3
- avoid traceback in colorxhtml plugin (#651002)
* Sat Nov 6 2010 Rex Dieter <rdieter at fedoraproject.org> - 2:2.6.11-2
- rebuilt (poppler)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #706939 - CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543 CVE-2011-1782 CVE-2010-4543 gimp various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=706939
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gimp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list