[CLSA-2026:1776848113] gimp: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-04-22 08:55:18 UTC
Description:
- CVE-2026-2239: fix heap-buffer-overflow in fread_pascal_string when processing PSD files and a follow-up NULL pointer dereference in load_resource_1006 alpha names handling - CVE-2026-2272: fix integer overflow in ICO file loading
Updated packages:
  • gimp-2.99.8-4.el9.2.tuxcare.els7.x86_64.rpm
    sha:97e24e836a0b90dc8a887f6058af98a8722caf6487f3dd43686cf60551729843
  • gimp-devel-2.99.8-4.el9.2.tuxcare.els7.x86_64.rpm
    sha:3d0ab67ade2181c0219acb423df8233317d4b9299f4188a4c43d13761414d097
  • gimp-devel-tools-2.99.8-4.el9.2.tuxcare.els7.x86_64.rpm
    sha:0f33e69ad75493a398aca3be0d2894fc9f0bfd310a6c11b7fb30df1d24c2ffa4
  • gimp-libs-2.99.8-4.el9.2.tuxcare.els7.i686.rpm
    sha:c647d7f1a24aaea17f7c063f1c16e1f2184f837e1d769c1920ab779525372b2d
  • gimp-libs-2.99.8-4.el9.2.tuxcare.els7.x86_64.rpm
    sha:8ae0f956612aa1f255409ac9c3d964aa33f0bea62913f2adbfb9b5443e9d5fb2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.