mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

gimp: patch CVE-2025-15059

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15059

Backport the patch that is referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Gyorgy Sarvari
2026-03-04 21:39:44 +01:00
committed by Anuj Mittal
parent 077dad4b6d
commit 42d1f2f681
2 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-gnome/recipes-gimp/gimp/gimp/CVE-2025-15059.patch
+33
View File
@@ -0,0 +1,33 @@
From 5c9b71cf1ba8806ace50ab20e074cf850c7c02c4 Mon Sep 17 00:00:00 2001
From: Jacob Boerema <jgboerema@gmail.com>
Date: Sat, 20 Dec 2025 10:10:48 -0500
Subject: [PATCH] plug-ins: fix #15284 ZDI-CAN-28232 vulnerability in file-psp
We were not checking whether channel types were valid for grayscale
images. Using a blue color channel caused an invalid computation of
the offset which could cause us to access an invalid memory location.
Now we separate RGB from non-RGB images when checking which channels
are valid, and if not return with an error.
CVE: CVE-2025-15059
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gimp/-/commit/03575ac8cbb0ef3103b0a15d6598475088dcc15e]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
plug-ins/common/file-psp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c
index 6a6b93d..bcad357 100644
--- a/plug-ins/common/file-psp.c
+++ b/plug-ins/common/file-psp.c
@@ -2020,7 +2020,8 @@ read_layer_block (FILE *f,
}
else
{
- if (channel_type > PSP_CHANNEL_BLUE)
+ if ((ia->base_type == GIMP_RGB && channel_type > PSP_CHANNEL_BLUE) ||
+ (ia->base_type != GIMP_RGB && channel_type >= PSP_CHANNEL_RED))
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid channel type %d in channel information chunk"),
meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
+2 -1
View File
@@ -50,7 +50,8 @@ SRC_URI = "https://download.gimp.org/pub/${BPN}/v${SHPV}/${BP}.tar.bz2 \
file://CVE-2025-14422.patch \
file://CVE-2025-14425.patch \
file://CVE-2025-5473.patch \
"
file://CVE-2025-15059.patch \
"
SRC_URI[sha256sum] = "50a845eec11c8831fe8661707950f5b8446e35f30edfb9acf98f85c1133f856e"
EXTRA_OECONF = "--disable-python \