*** This bug is a security vulnerability *** Public security bug reported:
I would have done the sync myself but we're beyond Final Freeze and this seems like something the security team should handle. Please sync gegl 1:0.4.62-3.1 (universe) from Debian unstable (main) Changelog entries since current questing version 1:0.4.62-3: gegl (1:0.4.62-3.1) unstable; urgency=medium * Non-maintainer upload. * ZDI-CAN-27803: GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2025-10921) (Closes: #1116470) -- Salvatore Bonaccorso <[email protected]> Fri, 03 Oct 2025 17:37:16 +0200 ** Affects: gegl (Ubuntu) Importance: Critical Status: Confirmed ** Changed in: gegl (Ubuntu) Importance: Undecided => Wishlist ** Changed in: gegl (Ubuntu) Status: New => Confirmed ** Information type changed from Public to Public Security ** Changed in: gegl (Ubuntu) Importance: Wishlist => Critical ** Description changed: + I would have done the sync myself but we're beyond Final Freeze and this + seems like something the security team should handle. + Please sync gegl 1:0.4.62-3.1 (universe) from Debian unstable (main) Changelog entries since current questing version 1:0.4.62-3: gegl (1:0.4.62-3.1) unstable; urgency=medium - * Non-maintainer upload. - * ZDI-CAN-27803: GIMP HDR File Parsing Heap-based Buffer Overflow Remote - Code Execution Vulnerability (CVE-2025-10921) (Closes: #1116470) + * Non-maintainer upload. + * ZDI-CAN-27803: GIMP HDR File Parsing Heap-based Buffer Overflow Remote + Code Execution Vulnerability (CVE-2025-10921) (Closes: #1116470) - -- Salvatore Bonaccorso <[email protected]> Fri, 03 Oct 2025 17:37:16 + -- Salvatore Bonaccorso <[email protected]> Fri, 03 Oct 2025 17:37:16 +0200 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2126848 Title: Sync gegl 1:0.4.62-3.1 (universe) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gegl/+bug/2126848/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
