Package: gimp / 3.0.4-3+deb13u1

Metadata

Package Version Patches format
gimp 3.0.4-3+deb13u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
plug ins dds fix 12790 for 32 bit.patch | (download)

plug-ins/file-dds/ddsread.c | 20 16 + 4 - 0 !
1 file changed, 16 insertions(+), 4 deletions(-)

 
 plug-ins/dds: fix #12790 for 32-bit

On 32-bit systems the computed linear size can overflow, causing a
crash.
Use a function that checks for overflow when multiplying and return
an error if that fails.
As extra security also update the loop to compute the base offset after
each line of data, and convert to gsize first when computing the
size for g_malloc and memset.

(cherry picked from commit c17b324910204a47828d6fbb542bdcefbd66bcc1)
CVE 2025 10924.patch | (download)

plug-ins/common/file-farbfeld.c | 31 24 + 7 - 0 !
1 file changed, 24 insertions(+), 7 deletions(-)

 
 [patch] plug-ins: fix zdi-can-27836
CVE 2025 10923.patch | (download)

plug-ins/common/file-wbmp.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 
 [patch] plug-ins: fix zdi-can-27878
CVE 2025 10922.patch | (download)

plug-ins/common/file-dicom.c | 65 51 + 14 - 0 !
1 file changed, 51 insertions(+), 14 deletions(-)

 
 [patch] plug-ins: fix dicom plug-in zdi-can-27863
CVE 2025 10920.patch | (download)

plug-ins/file-icns/file-icns-load.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 
 [patch] plug-ins: fix zdi-can-27684