Overview

File _patchinfo of Package patchinfo.42860

<patchinfo incident="42860">
  <!--generated  with prepare-update from request 402075-->
  <issue tracker="bnc" id="1258532">VUL-0: CVE-2026-2044: gimp: use g_malloc0 instead of g_malloc</issue>
  <issue tracker="bnc" id="1258533">VUL-0: CVE-2026-2045: gimp: check offset in the colormap is valid before using it</issue>
  <issue tracker="bnc" id="1258535">VUL-0: CVE-2026-2048: gimp: Add OoB check for loading XWD</issue>
  <issue tracker="cve" id="2025-10934"/>
  <issue tracker="cve" id="2026-2044"/>
  <issue tracker="cve" id="2026-2045"/>
  <issue tracker="cve" id="2026-2048"/>
  <category>security</category>
  <rating>important</rating>
  <packager>mgorse</packager>
  <summary>Security update for gimp</summary>
  <description>This update for gimp fixes the following issues:

- CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code
  (bsc#1258532).
- CVE-2026-2045: check offset in the colormap is valid before using it (bsc#1258533).
- CVE-2026-2048: lack of proper validation of user-supplied data can allow remote attackers to execute arbitrary code
  (bsc#1258535).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places