ALSA-2024:0861

[ALSA-2024:0861] Important: gimp:2.8 security update

Type:

security

Severity:

important

Release date:

2024-02-22

Description:

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.

Security Fix(es):

* gimp: PSD buffer overflow RCE (CVE-2023-44442)
* gimp: psp off-by-one RCE (CVE-2023-44444)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm	27be297b328005b5d8fabf91c2e98fc4bbebe293673f29fb0b0f9f315e848c2b
aarch64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	3b2ffb23dc24e83e10c83f4ccc075cc103fd56a2764b58524a1935394872ac76
aarch64	gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm	3b64208e03419244d826c738300055d9bb6ee06fcdd79c50d671ded6e0de2a38
aarch64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	540e9dde16c8fa7c18f9542b838001305955750fe85125fcd97ba750289b5cb0
aarch64	Packages/pygobject2-devel-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	5e986426d3a4104a450d3b858a816119fad7b25cc9c71070e582dab2a31222dc
aarch64	gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm	655f7be8ade94d84e27e30db06f914c74def707efc716c33c0fcbb167dd2836c
aarch64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	6ef991da497a0c4d97d896c8f26b8eace58ac5c5a2ca40c2f000ee3a0b016851
aarch64	Packages/python2-cairo-1.16.3-6.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	b5051773dc2f78bcbbc573b811807f7952df80eb5c231bbda48a0f683ab1f6bd
aarch64	gimp-2.8.22-25.module_el8.9.0+3725+d1441900.aarch64.rpm	c997ca7aa40b6aff7c933a4dc621c552ae432f47ce07107220e2711e91d46fdb
aarch64	Packages/python2-cairo-devel-1.16.3-6.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	e67a739f11d56e8e5146fb4964a171eab10bff1c5e6f23ac2f2c13b359b7f783
aarch64	Packages/pygobject2-codegen-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	f1804244663952ea4979a66e098026ab734b5b75e50079d721037c5ef06c8677
aarch64	Packages/pygobject2-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	f2a7d7585b290f590a5e3604175da97e93816756b481c6507cc28fb935b03bc2
aarch64	Packages/pygobject2-doc-2.28.7-4.module_el8.4.0+2208+3d7d61b2.aarch64.rpm	fbd0e5b3c423d6a6301a6af57901e34d095615f5e8217379fe86966e636cb40b
noarch	pygtk2-doc-2.24.0-25.module_el8.9.0+3725+d1441900.noarch.rpm	bec32577bca5233d67a34af1ef0ae0d1ca15f8896607b22d94cc18d8d4c93d70
ppc64le	gimp-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	30f2426fb258248e8c90312d21cbb46e62c585e24b6ac59ae19fedff97b0766a
ppc64le	Packages/pygobject2-doc-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm	355e3ee681fce9aa4abe95f1e4ab5c3d12e9e3986d0dd7aaa8c41b18ad10ae4f
ppc64le	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	400bfe9b8ecc094297226eeab20bf88f02344beb51ec20496ddd8cfe6d138b0e
ppc64le	Packages/pygobject2-codegen-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm	4158c2318eb9d1bc32eb31e12c77bac46f3f5846d083a5032735f993613db944
ppc64le	Packages/python2-cairo-1.16.3-6.module_el8.5.0+17+826458aa.ppc64le.rpm	447876d5562aef72520d125b35cd7d80c3099c53a11eb21c47c39633c354c762
ppc64le	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	50de78cdd9a7eb9d765416ef8b6025d0212b9f400834b8309ebacedc54f59186
ppc64le	Packages/pygobject2-devel-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm	653bacae37c9ccd43c31639f30f2bc46fa3b5cffc218fb3bff5f972c8354b6cf
ppc64le	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	6ffbf1d5a9ac7e89910005c28ad62626a281d20ff5b3c2b7d192e996eaedff85
ppc64le	Packages/python2-cairo-devel-1.16.3-6.module_el8.5.0+17+826458aa.ppc64le.rpm	82c517441baa8376ecfaa7443a4641b26e67393b58dbee4332bf2abada0f7cfa
ppc64le	gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	8ebfeb2f886a9b06a86a81712495ea1e0c1750c4828ab1c36ac33ff3db4514d2
ppc64le	gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	a4bf05d4b373f6311634433f41e49a3d82177ce8b9b2b6595a5874bf427a4c51
ppc64le	Packages/pygobject2-2.28.7-4.module_el8.5.0+17+826458aa.ppc64le.rpm	a80810250f2ad22f4736ffcc09953937697e27c6e01c98b854de6589b61f8b04
ppc64le	gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	e0ebad1c4d8365333c25c89613e17505529bd5f5dff54271a67372da5db6c38a
s390x	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	42ea8b58abfff83cebc7a09a7f6f264b168a95782decbb03b4fcfef37fd7c062
s390x	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	43c790ef899908821a64cfad4af33097d1a9d9351a75d63d45e4363e0d91eec8
s390x	gimp-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm	44472702d5f9198e4850dfa17fbe850864ef2f71800ac04e225d36424aacffba
s390x	pygobject2-codegen-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm	654c3fec6c0981ed3d27af8ce61db63f7ad42622d5a16c8f382efcecaad984f2
s390x	pygobject2-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm	66aa615a3f122df9dbe58f3f53af6323a433f4aa82c097b72f2f74909717d127
s390x	gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm	750ce6ac84250481690ddda7321ab85d4503da447fcd215d4464f4cc0af6ecc8
s390x	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	91402fea22feef9d15400358a93ae5d2ff0b95b332edfbae2245ac5846848476
s390x	python2-cairo-1.16.3-6.module_el8.6.0+3053+ee77682c.s390x.rpm	bbb48bf204fd327311765e437bb9240af682b2956dd132b14b994638cae39813
s390x	python2-cairo-devel-1.16.3-6.module_el8.6.0+3053+ee77682c.s390x.rpm	c20cfc05e65aa0ef0f53c053760397008d28e98485a92233b9bdda498ea477ac
s390x	gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm	c59244c101ad464aa4e215a47e104f02aa7ae2a4827d2981a30ae7466a7ff72a
s390x	pygobject2-doc-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm	e537c96016fe47c0ba5f78f97838185e8b5bce691951bea2efb1a000da3025be
s390x	pygobject2-devel-2.28.7-4.module_el8.6.0+3053+ee77682c.s390x.rpm	ef3de81facf1f86c7cc1b8e5fda35805b7a1163b5dbe650c94fe642ff9946a54
s390x	gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.s390x.rpm	f536e685fb88d2b6846ae5f60bd83c09e90ec9a6cbd6338d1573d871915a126b
x86_64	gimp-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm	27f8c59dd24e0d1dfda474ec714017efc8a74e55d0834379e8dadaabdf31bcfc
x86_64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	2f4d1ad704a236fdf89e2a91bad27c1290cc018d37a94b535bfe9b56d51393b8
x86_64	Packages/pygobject2-doc-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm	50debe94083b3e0be6d23d3f789434a9d7f03713a9be11cdf4286f2ef6188eaa
x86_64	Packages/pygobject2-devel-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm	741358f6e64be400baad4b28614099f8e46078720ba463dbe47b4b263e1b3ad2
x86_64	gimp-libs-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm	a2d4cd5deb48edd2ace32118bb4833cd06b202405da9fb909cda34cf446ef13c
x86_64	Packages/python2-cairo-devel-1.16.3-6.module_el8.0.0+6039+48ed2b14.x86_64.rpm	b68d74d89eda67f3a42a32d5ba5cf88ecbd5d2d4ea9c1f09c9cae8d307c8730c
x86_64	Packages/pygobject2-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm	baebcad4e4719acdb589c1587c258bf683e0d3344c7fbbed9e7b4d2dbbefb961
x86_64	gimp-devel-tools-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm	bc2a4eac75a00f7d20d358ffcdd59f5407c686045d1fb165cfaefbdf10b8b977
x86_64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	c31a1d5dc208ac6b26e5a44000795e1e773e1e95a479c0529997765ba24fdcff
x86_64	Packages/python2-cairo-1.16.3-6.module_el8.0.0+6039+48ed2b14.x86_64.rpm	c4c2f97aaf20809a36352ce503e4a5446504273fe4b06480962daec4dd78d52a
x86_64	gimp-devel-2.8.22-25.module_el8.9.0+3725+d1441900.x86_64.rpm	d47a4e76404881e6a201ccabbcf77bed31a09c1ff2570d015f3364f464b9e920
x86_64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	e091c6387576c98a524580d77825cb438dc432a85725b99800ce9d147fe93ba6
x86_64	Packages/pygobject2-codegen-2.28.7-4.module_el8.0.0+6039+48ed2b14.x86_64.rpm	e37ed21f9422055f4e294253f36646e1ea08e0232caca3f97b4872986a728ba0

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.