ALSA-2025:21968

[ALSA-2025:21968] Important: gimp security update

Type:

security

Severity:

important

Release date:

2025-12-01

Description:

The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.  

Security Fix(es):  

  * gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10922)
  * gimp: GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2025-10920)
  * gimp: GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10923)
  * gimp: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921)
  * gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10925)
  * gimp: GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability (CVE-2025-10924)
  * gimp: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10934)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gimp-libs-3.0.4-1.el9_7.1.aarch64.rpm	ce81d40061f3d752f135437b762e6a5775b85f5968a7f45e94e081d369a4090b
aarch64	gimp-3.0.4-1.el9_7.1.aarch64.rpm	fc012e23e7fe811e543830d7f979cd926bfc6f03f999dd6eb4ba4438eb64360e
i686	gimp-libs-3.0.4-1.el9_7.1.i686.rpm	ba3d9564a410d21e5b87d8a0dc4b53f543ee3af51fb41e792c9e05f505ab1a24
ppc64le	gimp-3.0.4-1.el9_7.1.ppc64le.rpm	5ada69a02c26c2996d87938f19ccf4fa207be65a85c9510be8122255d738a27d
ppc64le	gimp-libs-3.0.4-1.el9_7.1.ppc64le.rpm	851786c1646d7c401e161ec682835e56c1179f5df4115817fc76c2a2e384a18c
x86_64	gimp-3.0.4-1.el9_7.1.x86_64.rpm	2f81f1299e528c9c5c4e731cc37ff58cf2b72379e8f181b1a9bd31384f9f292c
x86_64	gimp-libs-3.0.4-1.el9_7.1.x86_64.rpm	4447b5d6921ddbf73311520fba031569eb52b0060c8edb4dae817385366f18d8

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.