Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 940054 - media-gfx/gimp-2.10.38, media-libs/gegl-0.4.48 and media-libs/babl-0.1.108 stabilisation
Summary: media-gfx/gimp-2.10.38, media-libs/gegl-0.4.48 and media-libs/babl-0.1.108 st...
Status: IN_PROGRESS
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Stabilization (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Sergey Torokhov
URL:
Whiteboard:
Keywords: CC-ARCHES, SECURITY
Depends on:
Blocks: CVE-2023-44441, CVE-2023-44442, CVE-2023-44443, CVE-2023-44444, ZDI-23-1591, ZDI-CAN-22093, ZDI-CAN-22094, ZDI-CAN-22096, ZDI-CAN-22097 gcc-14-stable
  Show dependency tree
 
Reported: 2024-09-22 17:14 UTC by Andreas Sturmlechner
Modified: 2024-10-31 19:49 UTC (History)
4 users (show)

See Also:
Package list:
media-libs/babl-0.1.108 media-libs/gegl-0.4.48 media-gfx/gimp-2.10.38-r1
Runtime testing required: ---
nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2024-09-22 17:14:58 UTC 
How about that?
Comment 1 Sergey Torokhov 2024-09-24 01:31:48 UTC 
The mentioned CVEs were fixed in gimp-2.10.36 as stated in relese notes: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#fixed-vulnerabilities

The current problem with gimp-2.10.3x is fail test-tool https://bugs.gentoo.org/910444.
It's strange that this issue I could observed from run to run of tests but I need to recheck again how often it takes place.

On the other hand the addidional issue was fixed in 2.10.38: https://bugs.gentoo.org/937540
Comment 2 Joonas Niilola gentoo-dev 2024-09-25 13:58:33 UTC 
amd64 done
Comment 3 Joonas Niilola gentoo-dev 2024-09-25 13:59:33 UTC 
x86 done
Comment 4 NATTkA bot gentoo-dev 2024-10-18 12:40:46 UTC Comment hidden (obsolete)