Synopsis: Moderate: gimp security update Advisory ID: SLSA-2013:1778-1 Issue Date: 2013-12-03 CVE Numbers: CVE-2012-5576 CVE-2013-1913 CVE-2013-1978 -- A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect. -- SL5 x86_64 gimp-2.2.13-3.el5_10.x86_64.rpm gimp-debuginfo-2.2.13-3.el5_10.i386.rpm gimp-debuginfo-2.2.13-3.el5_10.x86_64.rpm gimp-libs-2.2.13-3.el5_10.i386.rpm gimp-libs-2.2.13-3.el5_10.x86_64.rpm gimp-devel-2.2.13-3.el5_10.i386.rpm gimp-devel-2.2.13-3.el5_10.x86_64.rpm i386 gimp-2.2.13-3.el5_10.i386.rpm gimp-debuginfo-2.2.13-3.el5_10.i386.rpm gimp-libs-2.2.13-3.el5_10.i386.rpm gimp-devel-2.2.13-3.el5_10.i386.rpm SL6 x86_64 gimp-2.6.9-6.el6_5.x86_64.rpm gimp-debuginfo-2.6.9-6.el6_5.x86_64.rpm gimp-help-browser-2.6.9-6.el6_5.x86_64.rpm gimp-libs-2.6.9-6.el6_5.x86_64.rpm gimp-debuginfo-2.6.9-6.el6_5.i686.rpm gimp-devel-2.6.9-6.el6_5.i686.rpm gimp-devel-2.6.9-6.el6_5.x86_64.rpm gimp-devel-tools-2.6.9-6.el6_5.x86_64.rpm gimp-libs-2.6.9-6.el6_5.i686.rpm i386 gimp-2.6.9-6.el6_5.i686.rpm gimp-debuginfo-2.6.9-6.el6_5.i686.rpm gimp-help-browser-2.6.9-6.el6_5.i686.rpm gimp-libs-2.6.9-6.el6_5.i686.rpm gimp-devel-2.6.9-6.el6_5.i686.rpm gimp-devel-tools-2.6.9-6.el6_5.i686.rpm - Scientific Linux Development Team