Description:
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Security Fix(es):
* gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image (CVE-2026-4887)
* gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow (CVE-2026-4154)
* gimp: GIMP: Remote Code Execution via ANI File Parsing Integer Overflow (CVE-2026-4151)
* gimp: GIMP: Remote Code Execution via malicious JP2 file parsing (CVE-2026-4152)
* GIMP: GIMP: Arbitrary code execution via specially crafted PSD file (CVE-2026-4150)
* gimp: GIMP: Remote Code Execution via PSP file parsing (CVE-2026-4153)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
gimp-libs-3.0.4-4.el9_8.4.aarch64.rpm |
060ae43e36d54cf9e912846da8f5c31774ea684229b5fff5838f7d670bb47340 |
| aarch64 |
gimp-3.0.4-4.el9_8.4.aarch64.rpm |
fc9497d1bccd9d89e8dafb9baa6f5eb8632193635d30fa073313bf17f24b32f7 |
| i686 |
gimp-libs-3.0.4-4.el9_8.4.i686.rpm |
47e24efe2d49ee0d2a1a443ade0a0c345e4b4c0780ff32302ef5cb1f8abb1217 |
| ppc64le |
gimp-3.0.4-4.el9_8.4.ppc64le.rpm |
54645bab9b5a40e4942df07b7ff6124ef88b2432a76785fe35558e9c6accfd26 |
| ppc64le |
gimp-libs-3.0.4-4.el9_8.4.ppc64le.rpm |
dc0109bc07efba1d962203f349a7b5cdd5f39b5c91416b48bebd6f9dc0ef0c25 |
| x86_64 |
gimp-3.0.4-4.el9_8.4.x86_64.rpm |
19c5e1ab5e92726957549c661bf682c291e9ba707e4ec1d9cd1dc4aaa0c04449 |
| x86_64 |
gimp-libs-3.0.4-4.el9_8.4.x86_64.rpm |
ed6a5175fd31ae951390159a38dbad47623599227081feb80e9aac314d70f2e7 |