|
From: | Ludovic Courtès |
Subject: | Re: GIMP: Fix CVE-2016-4994 |
Date: | Sat, 02 Jul 2016 15:19:25 +0200 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Leo Famulari <address@hidden> skribis: > GIMP has a use-after-free bug related to XCF file parsing that allows > arbitrary code execution: > https://security-tracker.debian.org/tracker/CVE-2016-4994 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994 > > This patch cherry-picks the upstream commit from the gimp-2-8 branch: > https://git.gnome.org/browse/gimp/commit/?h=gimp-2-8&id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f Go for it! Thank you for taking care of it, as usual! Ludo’.
[Prev in Thread] | Current Thread | [Next in Thread] |