Your message dated Mon, 19 May 2025 13:04:53 +0000
with message-id <e1uh0an-0040zv...@fasolo.debian.org>
and subject line Bug#1105005: fixed in gimp 3.0.2-3.1
has caused the Debian Bug report #1105005,
regarding gimp: ZDI-CAN-26752
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1105005: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105005
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: gimp
Version: 3.0.2-3
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi
There is ZDI-CAN-26752 report (with no CVE assignment yet), reported
upstream at https://gitlab.gnome.org/GNOME/gimp/-/issues/13910
Upstream fix:
https://gitlab.gnome.org/GNOME/gimp/-/commit/c855d1df60ebaf5ef8d02807d448eb088f147a2b
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: gimp
Source-Version: 3.0.2-3.1
Done: Salvatore Bonaccorso <car...@debian.org>
We believe that the bug you reported is fixed in the latest version of
gimp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1105...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated gimp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 17 May 2025 14:05:55 +0200
Source: gimp
Architecture: source
Version: 3.0.2-3.1
Distribution: unstable
Urgency: medium
Maintainer: Debian GNOME Maintainers
<pkg-gnome-maintain...@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Closes: 1105005
Changes:
gimp (3.0.2-3.1) unstable; urgency=medium
.
* Non-maintainer upload.
* plug-ins: ZDI-CAN-26752 mitigation (Closes: #1105005)
Checksums-Sha1:
774fbd6c3a72aa422341082c40e550774d762cd2 4054 gimp_3.0.2-3.1.dsc
012b4a9b519d22bf1163428d0572d2712137255f 64544 gimp_3.0.2-3.1.debian.tar.xz
914324315f84a32aada5c7564d9ee937ccf1f6a1 8275 gimp_3.0.2-3.1_source.buildinfo
Checksums-Sha256:
bbbf8b5ca552bbc8829b926f0b274a98df66afacc73179e5ba401b762845c11f 4054
gimp_3.0.2-3.1.dsc
12337ea95ce6c7dbd86412c59adb1c6d630e45c634d1ee71e2798a8b2a27f51b 64544
gimp_3.0.2-3.1.debian.tar.xz
e7d099041a72241161fe675c1361617d235755c65269e7552ac98c4589cb12cb 8275
gimp_3.0.2-3.1_source.buildinfo
Files:
a6d4d6eacc703fb8643960fa525fad90 4054 graphics optional gimp_3.0.2-3.1.dsc
ebb7045a2ef4af3eea50681c58f270bb 64544 graphics optional
gimp_3.0.2-3.1.debian.tar.xz
be692f197313d86c92b6468f76e078f1 8275 graphics optional
gimp_3.0.2-3.1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmgohQVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EmlgP/iV0U/GJO2CivFeikBAMRs74XO8gahPH
ONYAycli4P0ksVku0MKea0O1Ls59rb8NL46KrCO35kC3A4vZgOhVgA6qyz0cq7KZ
kvRtK+xBicu2Lwo2JVDn8PFr/IUqYFX51cNCsh3QPn8NENMCUQQZ/ddbxeVrDnhV
h7eXqsGnPBXR4NgVoYe4VjF6qx4VvQ3QSbFWoaGwAOE3L638MhqBMTSnpl+xjZYl
I1/CuRJ0ciWUKLPy8+T10CVRFDLRDDXbztQhBzMI+re37KY/Lw6STkre5cszyXpr
pY3kg37ytzkBIWmKnDE+b2kNne4vxVxJO3weZVVC5bD8xfSHoC04K9O7pUl54juJ
gDilIEzDMFbW9Uk/46iM4WJWQhGcQHWDmzrOEjTDlNWt7VDdgDQXfawyqAxpTJWF
kkUCeI++oBvqOLa568IP0JVXSOZFjkmi+3tV3jn/zapExSumAJgGbw+tXTE/iOBr
jtzAh5QhdgcjV01BPYNWBUcCcP3mLmi4HLImSZpo9XmiOz0JdtWejXTKmEEawxMF
HTNTKU+Qsl/Vsjoh9nFAg21mQ9efgBVJPDksoWLV4GFtAWy+3cFzjR4/VGp63YYN
ROuY+kEptkz8Znebd1FOeBaGcXmaBTTHKluyn9X3GoMpFyMcxaHTrU72bn0fhsCa
205morAcn7E1
=JYUP
-----END PGP SIGNATURE-----
pgpu5Gn1pgfsc.pgp
Description: PGP signature
--- End Message ---
