Updated gimp package fixes security vulnerabilities
Publication date: 06 Dec 2013Modification date: 06 Dec 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-1913 , CVE-2013-1978
Description
An integer overflow flaw and a heap-based buffer overflow were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP (CVE-2013-1913, CVE-2013-1978).
References
SRPMS
3/core
- gimp-2.8.2-3.1.mga3