Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 940054 - media-gfx/gimp-2.10.38, media-libs/gegl-0.4.48 and media-libs/babl-0.1.108 stabilisation
Summary: media-gfx/gimp-2.10.38, media-libs/gegl-0.4.48 and media-libs/babl-0.1.108 st...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Stabilization (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Sergey Torokhov
URL:
Whiteboard:
Keywords: CC-ARCHES, SECURITY
Depends on:
Blocks: gcc-14-stable CVE-2023-44441, CVE-2023-44442, CVE-2023-44443, CVE-2023-44444, ZDI-23-1591, ZDI-CAN-22093, ZDI-CAN-22094, ZDI-CAN-22096, ZDI-CAN-22097
  Show dependency tree
 
Reported: 2024-09-22 17:14 UTC by Andreas Sturmlechner
Modified: 2024-12-12 11:06 UTC (History)
5 users (show)

See Also:
Package list:
media-libs/babl-0.1.108 media-libs/gegl-0.4.48 media-gfx/gimp-2.10.38-r1
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Sturmlechner gentoo-dev 2024-09-22 17:14:58 UTC
How about that?
Comment 1 Sergey Torokhov 2024-09-24 01:31:48 UTC
The mentioned CVEs were fixed in gimp-2.10.36 as stated in relese notes: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#fixed-vulnerabilities

The current problem with gimp-2.10.3x is fail test-tool https://bugs.gentoo.org/910444.
It's strange that this issue I could observed from run to run of tests but I need to recheck again how often it takes place.

On the other hand the addidional issue was fixed in 2.10.38: https://bugs.gentoo.org/937540
Comment 2 Joonas Niilola gentoo-dev 2024-09-25 13:58:33 UTC
amd64 done
Comment 3 Joonas Niilola gentoo-dev 2024-09-25 13:59:33 UTC
x86 done
Comment 4 NATTkA bot gentoo-dev Security 2024-10-18 12:40:46 UTC Comment hidden (obsolete)
Comment 5 Andreas Sturmlechner gentoo-dev 2024-11-12 20:57:04 UTC
ping remaining arches
Comment 6 Andreas Sturmlechner gentoo-dev 2024-12-11 21:57:21 UTC
ping all.
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-12-12 11:04:03 UTC
arm64 done
Comment 8 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-12-12 11:04:04 UTC
ppc64 done

all arches done