ALSA-2025:0746

[ALSA-2025:0746] Important: gimp:2.8 security update

Type:

security

Severity:

important

Release date:

2025-01-29

Description:

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.  

Security Fix(es):  

  * gimp: PSD buffer overflow RCE (CVE-2023-44442)
  * gimp: psp integer overflow RCE (CVE-2023-44443)
  * gimp: psp off-by-one RCE (CVE-2023-44444)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	3b2ffb23dc24e83e10c83f4ccc075cc103fd56a2764b58524a1935394872ac76
aarch64	gimp-libs-2.8.22-26.module_el8.10.0+3952+571e801c.aarch64.rpm	4025b6346a726f0e062719f6c2462875b117b82134fc35a7f59fe58958e19070
aarch64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	540e9dde16c8fa7c18f9542b838001305955750fe85125fcd97ba750289b5cb0
aarch64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	6ef991da497a0c4d97d896c8f26b8eace58ac5c5a2ca40c2f000ee3a0b016851
aarch64	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.aarch64.rpm	7373ab0536e4867321103f1af19017e1a428a9b763636d0902ba99246a31cf1c
aarch64	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	8369dd267a3fd53afe09b18547426a1bedc0b9c916f8e032a00250159a95dc50
aarch64	gimp-devel-2.8.22-26.module_el8.10.0+3952+571e801c.aarch64.rpm	acd08a6aee7980969b2924e3b5e7ffa8d7b08161c84aeb2a11f8f3a639b2dd38
aarch64	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	bc7516e9af4df7c753d13ca58f0c98bbd8d469a410b02bba15d072add5692880
aarch64	gimp-devel-tools-2.8.22-26.module_el8.10.0+3952+571e801c.aarch64.rpm	c777ab4c6e7668ce88b060a1d9374821f676939e0bd7cf2cd0e3268964a703b9
aarch64	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.aarch64.rpm	d140bb170981c279bed8331a3bbd9d9f2d53341292aee19a2fb49c0de12c57bf
aarch64	gimp-2.8.22-26.module_el8.10.0+3952+571e801c.aarch64.rpm	dbea903a937ebca06a184e76f763c3fcf9a00eb75a5d2f37701e00e44eccb839
aarch64	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	ea5d7441ab1cba43c394c5c3d55569855f99e1f7625695202a87d2694e679e7a
aarch64	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	f8a6848c52c9795110a6316831694c7cc7929bf5d3811e81d0a37cfd8ea77902
noarch	pygtk2-doc-2.24.0-25.module_el8.9.0+3725+d1441900.noarch.rpm	bec32577bca5233d67a34af1ef0ae0d1ca15f8896607b22d94cc18d8d4c93d70
ppc64le	gimp-devel-tools-2.8.22-26.module_el8.10.0+3952+571e801c.ppc64le.rpm	0c2b8a7954592c20105bfe876b900ecfadd75571a935b8efc19d38952e3e2589
ppc64le	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.ppc64le.rpm	3922bdac339ed853759cfc9bdb5208ce120694bcbd3ba6b91aa296b29518e1a7
ppc64le	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	400bfe9b8ecc094297226eeab20bf88f02344beb51ec20496ddd8cfe6d138b0e
ppc64le	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	50de78cdd9a7eb9d765416ef8b6025d0212b9f400834b8309ebacedc54f59186
ppc64le	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	5296203f8bb1d8aef5ffb7b68af79e25f062e5996049f43cb4d1928c21ba908e
ppc64le	gimp-devel-2.8.22-26.module_el8.10.0+3952+571e801c.ppc64le.rpm	58305aafcc7a93df9ef93a79340937ecf1893b4f5bd651c255031424a4c4a9d8
ppc64le	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	612f77458d539550a328a96283cdcaff2486c3375b692cba14f6ddf304e54607
ppc64le	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	6ffbf1d5a9ac7e89910005c28ad62626a281d20ff5b3c2b7d192e996eaedff85
ppc64le	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.ppc64le.rpm	8d4fb54a3d197c96246a409f0f79b94609472c2e041fc752ec981658623279d6
ppc64le	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	91acf43f5d375c880855f4d716949337254c85a740ddc7275d887acb887a249a
ppc64le	gimp-2.8.22-26.module_el8.10.0+3952+571e801c.ppc64le.rpm	ac087321f5cfc74570dedb0417f86867aecae6606f0b8003569534bd0b73c166
ppc64le	gimp-libs-2.8.22-26.module_el8.10.0+3952+571e801c.ppc64le.rpm	c711fd78c576747b4d1949a08c91976bc84a79470e6db3b659e1b3c2fd46dfee
ppc64le	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	f909ac9d4fea6fa3f0642c9cc594592276b1c7e9f0e214f7ae719b577d88558d
s390x	gimp-devel-tools-2.8.22-26.module_el8.10.0+3952+571e801c.s390x.rpm	0cfebe802e3ce11ee87e24b4d24f537bc323e4e76a43434af3faee6293cc7497
s390x	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	1a42f4acacfe6991c3ea72ee10bdbe8bb963fe6e94e725c0c6cc5162d35f2e55
s390x	gimp-libs-2.8.22-26.module_el8.10.0+3952+571e801c.s390x.rpm	25a569a3b88e5e84e04d0e0378caf46c95b8f42fb782713e54af8bb86975972d
s390x	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	42ea8b58abfff83cebc7a09a7f6f264b168a95782decbb03b4fcfef37fd7c062
s390x	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	43c790ef899908821a64cfad4af33097d1a9d9351a75d63d45e4363e0d91eec8
s390x	gimp-2.8.22-26.module_el8.10.0+3952+571e801c.s390x.rpm	509ece5cbe690f25379beedf73756c6b3a3822725e04f87fac16e3c1d26e08e3
s390x	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	5104a2191c14aaf70d6f3d9ebf6374c054a182a2a7b0f63f32c1adc918ad4111
s390x	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	753e845a487e2072a62bfa272332266761c207df3360102c42900695a0fe3d32
s390x	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	91402fea22feef9d15400358a93ae5d2ff0b95b332edfbae2245ac5846848476
s390x	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	d9c541afe98fa2f9c4fb770991f7c15dae66b0b36616ff2b94ae7c824b1b0e84
s390x	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.s390x.rpm	e015ce54a4c31a35c21aa3d77fd6d10674ff10a9058f1dd194a9167328d8a0d9
s390x	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.s390x.rpm	ecc0dda98450cefa8281d354f444d8e91876cc91f2cf6c8fd8ecf460a4dbdc8b
s390x	gimp-devel-2.8.22-26.module_el8.10.0+3952+571e801c.s390x.rpm	f0e2e54e76647ce0210ec656f746c12c7b79c1fb6a0544859a30f2a44ebd7d8d
x86_64	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	1bcfd78f679150a1396a88383f3354d767895afd8b982c21a404dcf5386d2d5e
x86_64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	2f4d1ad704a236fdf89e2a91bad27c1290cc018d37a94b535bfe9b56d51393b8
x86_64	gimp-2.8.22-26.module_el8.10.0+3952+571e801c.x86_64.rpm	46099b09b52a6b3f3f3f7ec6f04204c8cd7a3f635718bd52bd217fa40db14188
x86_64	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.x86_64.rpm	60d3e106bcf1c2e871462cd99c86804b60a4611aae264c80e464cfb6b8c4d990
x86_64	gimp-libs-2.8.22-26.module_el8.10.0+3952+571e801c.x86_64.rpm	6ce0d3149e1ce70f0e28ceab9534dab22e644d43313b8b522054abbbe7b115f5
x86_64	gimp-devel-2.8.22-26.module_el8.10.0+3952+571e801c.x86_64.rpm	9a37c57f0d07763ae315acbd0c67d448b8d96ddb8d89c51ddfb2f9fd807f7892
x86_64	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.x86_64.rpm	b41622e2c38449e82ade474cefe222d04355d7108cd5634e05feeb2f861f6895
x86_64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	c31a1d5dc208ac6b26e5a44000795e1e773e1e95a479c0529997765ba24fdcff
x86_64	gimp-devel-tools-2.8.22-26.module_el8.10.0+3952+571e801c.x86_64.rpm	c7397d8b5af7b964bd9e8d43047bf631ba424ebff17c26516deec44075390735
x86_64	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	d5feeacb1114c9289b66e927700575ce8cb55214bb41474b0ca9a896a0ca9841
x86_64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	e091c6387576c98a524580d77825cb438dc432a85725b99800ce9d147fe93ba6
x86_64	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	e20cd80d4022867779dbb1a5bbb8dd9805289a90a79f95b709052da44108d977
x86_64	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	fa3c7b63392769798cb37548395651bb5cbfd279c28d5415eaae15f33ef5c219

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.