ALSA-2025:22417

[ALSA-2025:22417] Important: gimp:2.8 security update

Type:

security

Severity:

important

Release date:

2025-12-04

Description:

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.  

Security Fix(es):  

  * gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10922)
  * gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-10920)
  * gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10923)
  * gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921)
  * gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10925)
  * gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10924)
  * gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10934)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gimp-2.8.22-26.module_el8.10.0+4070+64105a56.3.aarch64.rpm	141d7269b7a7ec87164d034e039cdc771868442a9755fe8922d7bc7b4a2f6b76
aarch64	gimp-devel-tools-2.8.22-26.module_el8.10.0+4070+64105a56.3.aarch64.rpm	19bd7f54a3f318e1023a59e8e78bcdf54548969d0b823268d23cca3113984c2a
aarch64	gimp-libs-2.8.22-26.module_el8.10.0+4070+64105a56.3.aarch64.rpm	1b8a5ed4ecf3b9fdabb2b67090442aaab5f9af133d542b0fac8b726282c1ba60
aarch64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	3b2ffb23dc24e83e10c83f4ccc075cc103fd56a2764b58524a1935394872ac76
aarch64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	540e9dde16c8fa7c18f9542b838001305955750fe85125fcd97ba750289b5cb0
aarch64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.aarch64.rpm	6ef991da497a0c4d97d896c8f26b8eace58ac5c5a2ca40c2f000ee3a0b016851
aarch64	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.aarch64.rpm	7373ab0536e4867321103f1af19017e1a428a9b763636d0902ba99246a31cf1c
aarch64	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	8369dd267a3fd53afe09b18547426a1bedc0b9c916f8e032a00250159a95dc50
aarch64	gimp-devel-2.8.22-26.module_el8.10.0+4070+64105a56.3.aarch64.rpm	924c58038240ade620d9f05d574960a0cd60f23c3b616e3a6be04134e3e60a83
aarch64	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	bc7516e9af4df7c753d13ca58f0c98bbd8d469a410b02bba15d072add5692880
aarch64	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.aarch64.rpm	d140bb170981c279bed8331a3bbd9d9f2d53341292aee19a2fb49c0de12c57bf
aarch64	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	ea5d7441ab1cba43c394c5c3d55569855f99e1f7625695202a87d2694e679e7a
aarch64	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.aarch64.rpm	f8a6848c52c9795110a6316831694c7cc7929bf5d3811e81d0a37cfd8ea77902
noarch	pygtk2-doc-2.24.0-25.module_el8.9.0+3725+d1441900.noarch.rpm	bec32577bca5233d67a34af1ef0ae0d1ca15f8896607b22d94cc18d8d4c93d70
ppc64le	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.ppc64le.rpm	3922bdac339ed853759cfc9bdb5208ce120694bcbd3ba6b91aa296b29518e1a7
ppc64le	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	400bfe9b8ecc094297226eeab20bf88f02344beb51ec20496ddd8cfe6d138b0e
ppc64le	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	50de78cdd9a7eb9d765416ef8b6025d0212b9f400834b8309ebacedc54f59186
ppc64le	gimp-devel-2.8.22-26.module_el8.10.0+4070+64105a56.3.ppc64le.rpm	518b60b2a55592742ce5cefaf380a91ed54524e8cbfa94cdf1c42f3832a6bd7b
ppc64le	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	5296203f8bb1d8aef5ffb7b68af79e25f062e5996049f43cb4d1928c21ba908e
ppc64le	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	612f77458d539550a328a96283cdcaff2486c3375b692cba14f6ddf304e54607
ppc64le	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.ppc64le.rpm	6ffbf1d5a9ac7e89910005c28ad62626a281d20ff5b3c2b7d192e996eaedff85
ppc64le	gimp-2.8.22-26.module_el8.10.0+4070+64105a56.3.ppc64le.rpm	8054b46c9499f32aecb6fa818e14b2b26ab12007f517b478221a8bcc56898d35
ppc64le	gimp-devel-tools-2.8.22-26.module_el8.10.0+4070+64105a56.3.ppc64le.rpm	8cdb81601c104336b96271bee28a6de294b6d4490dc090bdd00df4df2887ad93
ppc64le	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.ppc64le.rpm	8d4fb54a3d197c96246a409f0f79b94609472c2e041fc752ec981658623279d6
ppc64le	gimp-libs-2.8.22-26.module_el8.10.0+4070+64105a56.3.ppc64le.rpm	91473ead227a5ff35a298397091aafe6d29785cf2125db63ba55d9e82ba2c37f
ppc64le	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	91acf43f5d375c880855f4d716949337254c85a740ddc7275d887acb887a249a
ppc64le	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.ppc64le.rpm	f909ac9d4fea6fa3f0642c9cc594592276b1c7e9f0e214f7ae719b577d88558d
s390x	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	1a42f4acacfe6991c3ea72ee10bdbe8bb963fe6e94e725c0c6cc5162d35f2e55
s390x	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	42ea8b58abfff83cebc7a09a7f6f264b168a95782decbb03b4fcfef37fd7c062
s390x	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	43c790ef899908821a64cfad4af33097d1a9d9351a75d63d45e4363e0d91eec8
s390x	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	5104a2191c14aaf70d6f3d9ebf6374c054a182a2a7b0f63f32c1adc918ad4111
s390x	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	753e845a487e2072a62bfa272332266761c207df3360102c42900695a0fe3d32
s390x	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.s390x.rpm	91402fea22feef9d15400358a93ae5d2ff0b95b332edfbae2245ac5846848476
s390x	gimp-2.8.22-26.module_el8.10.0+4070+64105a56.3.s390x.rpm	a06228cfcb5a9bb63ec5b625abf4439132781df0502c46e070ae17c15f2ca71f
s390x	gimp-devel-2.8.22-26.module_el8.10.0+4070+64105a56.3.s390x.rpm	a6b07fd1d0a0f7f15e4e8072f53329a5a77982110856f877f91745ab1b68225f
s390x	gimp-libs-2.8.22-26.module_el8.10.0+4070+64105a56.3.s390x.rpm	a8a17478ff1420b3bd11f987c4d7d49231ecbcece08d3e94f25be4dc7cabfbad
s390x	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.s390x.rpm	d9c541afe98fa2f9c4fb770991f7c15dae66b0b36616ff2b94ae7c824b1b0e84
s390x	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.s390x.rpm	e015ce54a4c31a35c21aa3d77fd6d10674ff10a9058f1dd194a9167328d8a0d9
s390x	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.s390x.rpm	ecc0dda98450cefa8281d354f444d8e91876cc91f2cf6c8fd8ecf460a4dbdc8b
s390x	gimp-devel-tools-2.8.22-26.module_el8.10.0+4070+64105a56.3.s390x.rpm	eeeca4a78f81dbe1bdb8c4831436e7b17f4f9ecd9f8a33741f5743a947f528a7
x86_64	gimp-devel-tools-2.8.22-26.module_el8.10.0+4070+64105a56.3.x86_64.rpm	02ed67e6f358626a61976a1901831cb6558224e15f9da52a890930510c33ef4a
x86_64	gimp-libs-2.8.22-26.module_el8.10.0+4070+64105a56.3.x86_64.rpm	03a0f8c9ed4a2b8ea545c35ca75187c17bf9f5c3976fc681d614b4c625379dc0
x86_64	pygobject2-codegen-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	1bcfd78f679150a1396a88383f3354d767895afd8b982c21a404dcf5386d2d5e
x86_64	pygtk2-devel-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	2f4d1ad704a236fdf89e2a91bad27c1290cc018d37a94b535bfe9b56d51393b8
x86_64	python2-cairo-1.16.3-7.module_el8.10.0+3952+571e801c.x86_64.rpm	60d3e106bcf1c2e871462cd99c86804b60a4611aae264c80e464cfb6b8c4d990
x86_64	gimp-2.8.22-26.module_el8.10.0+4070+64105a56.3.x86_64.rpm	6a1e41a62ba4e515c88e3291256b98adf0c5dcf372993891d06a6d8ea07e3864
x86_64	gimp-devel-2.8.22-26.module_el8.10.0+4070+64105a56.3.x86_64.rpm	812d5fc97bf9b7b10e705a74567e00f1df91c821f9e48f87c3fb9e12dd2c897b
x86_64	python2-cairo-devel-1.16.3-7.module_el8.10.0+3952+571e801c.x86_64.rpm	b41622e2c38449e82ade474cefe222d04355d7108cd5634e05feeb2f861f6895
x86_64	pygtk2-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	c31a1d5dc208ac6b26e5a44000795e1e773e1e95a479c0529997765ba24fdcff
x86_64	pygobject2-devel-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	d5feeacb1114c9289b66e927700575ce8cb55214bb41474b0ca9a896a0ca9841
x86_64	pygtk2-codegen-2.24.0-25.module_el8.9.0+3725+d1441900.x86_64.rpm	e091c6387576c98a524580d77825cb438dc432a85725b99800ce9d147fe93ba6
x86_64	pygobject2-doc-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	e20cd80d4022867779dbb1a5bbb8dd9805289a90a79f95b709052da44108d977
x86_64	pygobject2-2.28.7-5.module_el8.10.0+3952+571e801c.x86_64.rpm	fa3c7b63392769798cb37548395651bb5cbfd279c28d5415eaae15f33ef5c219

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.