Advisories ยป MGASA-2018-0273

Updated gimp packages fix security vulnerabilities

Publication date: 06 Jun 2018
Modification date: 06 Jun 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-17784 , CVE-2017-17785 , CVE-2017-17786 , CVE-2017-17787 , CVE-2017-17788 , CVE-2017-17789

Description

Updated gimp packages fix security vulnerabilities:

Several vulnerabilities were discovered in GIMP which could result in denial of
service (application crash) or potentially the execution of arbitrary code if
malformed files are opened (CVE-2017-17784, CVE-2017-17785, CVE-2017-17786,
CVE-2017-17787, CVE-2017-17788, CVE-2017-17789).

Also, the webkit1-based help browser plugin has been disabled in favor of using
an external browser for the help pages.  This is due to security issues in
webkit.
                

References

SRPMS

6/core