Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 845402 (CVE-2022-30067) - <media-gfx/gimp-2.10.32: memory exhaustion via crafted file
Summary: <media-gfx/gimp-2.10.32: memory exhaustion via crafted file
Status: IN_PROGRESS
Alias: CVE-2022-30067
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://gitlab.gnome.org/GNOME/gimp/-...
Whiteboard: B3 [glsa?]
Keywords: PullRequest
Depends on: 856790
Blocks:
  Show dependency tree
 
Reported: 2022-05-18 17:47 UTC by John Helmert III
Modified: 2022-07-11 22:58 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-18 17:47:36 UTC 
CVE-2022-30067:

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

Patch: https://gitlab.gnome.org/GNOME/gimp/-/commit/4f99f1fcfd892ead19831b5adcd38a99d71214b6
Comment 1 Sergey Torokhov 2022-06-15 20:52:40 UTC 
Pull Request updated with gimp-2.10.32 version bump instead of patched version of gimp-2.10.30.
Comment 2 Larry the Git Cow gentoo-dev 2022-06-15 20:58:29 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d2e5965d2cee1eb84e26896fec3321e2d195527

commit 7d2e5965d2cee1eb84e26896fec3321e2d195527
Author:     Sergey Torokhov <torokhov-s-a@yandex.ru>
AuthorDate: 2022-06-04 20:47:53 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-06-15 20:56:26 +0000

    media-gfx/gimp: 2.10.32 version bump, fix CVE-2022-30067
    
    Bug: https://bugs.gentoo.org/845402
    
    Signed-off-by: Sergey Torokhov <torokhov-s-a@yandex.ru>
    Closes: https://github.com/gentoo/gentoo/pull/25757
    Signed-off-by: Sam James <sam@gentoo.org>

 media-gfx/gimp/Manifest            |   1 +
 media-gfx/gimp/gimp-2.10.32.ebuild | 210 +++++++++++++++++++++++++++++++++++++
 2 files changed, 211 insertions(+)
Comment 3 Sergey Torokhov 2022-07-07 06:20:11 UTC 
Stable request: https://bugs.gentoo.org/856790
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-08 17:46:08 UTC 
Thanks! In the future you can just add the security bugs to stablereqs in the "blocks" field.
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-10 22:03:45 UTC 
Please cleanup
Comment 6 Larry the Git Cow gentoo-dev 2022-07-11 22:50:07 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=180e767499a9434ebbee66cab692bdc5c0278f98

commit 180e767499a9434ebbee66cab692bdc5c0278f98
Author:     Sergey Torokhov <torokhov-s-a@yandex.ru>
AuthorDate: 2022-07-11 21:24:09 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-07-11 22:48:01 +0000

    media-gfx/gimp: cleanup CVEs affected 2.10.28, 2.10.30
    
    Bug: https://bugs.gentoo.org/845402
    Bug: https://bugs.gentoo.org/856283
    
    Signed-off-by: Sergey Torokhov <torokhov-s-a@yandex.ru>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 media-gfx/gimp/Manifest               |   2 -
 media-gfx/gimp/gimp-2.10.28-r1.ebuild | 211 ----------------------------------
 media-gfx/gimp/gimp-2.10.30.ebuild    | 211 ----------------------------------
 3 files changed, 424 deletions(-)
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-11 22:58:21 UTC 
Thanks!