========================================================================== Ubuntu Security Notice USN-1659-1 December 10, 2012 gimp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS Summary: GIMP could be made to crash or run programs as your login if it opened a specially crafted file. Software Description: - gimp: The GNU Image Manipulation Program Details: It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: gimp 2.8.2-1ubuntu1.1 Ubuntu 12.04 LTS: gimp 2.6.12-1ubuntu1.2 Ubuntu 11.10: gimp 2.6.11-2ubuntu4.2 Ubuntu 10.04 LTS: gimp 2.6.8-2ubuntu1.6 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1659-1 CVE-2012-5576 Package Information: https://launchpad.net/ubuntu/+source/gimp/2.8.2-1ubuntu1.1 https://launchpad.net/ubuntu/+source/gimp/2.6.12-1ubuntu1.2 https://launchpad.net/ubuntu/+source/gimp/2.6.11-2ubuntu4.2 https://launchpad.net/ubuntu/+source/gimp/2.6.8-2ubuntu1.6
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.