Description:
The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo.
Security Fix(es):
* gimp: GIMP: Remote code execution via heap-based buffer overflow in ICNS file parsing (CVE-2026-2047)
* gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing (CVE-2026-2044)
* gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing (CVE-2026-2045)
* gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability (CVE-2026-0797)
* gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability (CVE-2026-2048)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
gimp-3.0.4-1.el9_7.4.aarch64.rpm |
0ba5e0da79e0dd487bec47f806c8dc86ecb114de2b8d1a8c438b52d5bc33bec9 |
| aarch64 |
gimp-libs-3.0.4-1.el9_7.4.aarch64.rpm |
ca7ab331ea23e8b8e2605e2cc2a7e95bde7c1103c075cfd758a06c29149f277d |
| i686 |
gimp-libs-3.0.4-1.el9_7.4.i686.rpm |
5ff8a5d1e3dc800171250cad150f626992c4ab2cf3986b5feb85fa429e9acc80 |
| ppc64le |
gimp-libs-3.0.4-1.el9_7.4.ppc64le.rpm |
ad31c3f7e72bbb2cbb408e460ceb065a751d2fb0d033cb17cc5f840be0bca102 |
| ppc64le |
gimp-3.0.4-1.el9_7.4.ppc64le.rpm |
b684963cf145046f21c17636b973e5668cf1efd4dc5412d00fc3a8f92566e09f |
| x86_64 |
gimp-libs-3.0.4-1.el9_7.4.x86_64.rpm |
5583ae30e289d87f716c375dc3a5e2ba9967d8461f218d6cbc59dd2c6e12cff2 |
| x86_64 |
gimp-3.0.4-1.el9_7.4.x86_64.rpm |
ba85319dc2fd30e9814d352bcd2be6ad34b508c9c5b06a6ae6ca95552580bb5e |
