Debian Security Advisory

DLA-525-1 gimp -- LTS security update

Date Reported:

25 Jun 2016

Affected Packages:

gimp

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-4994.

More information:

It was discovered that there was a use-after-free vulnerability in the channel and layer properties parsing process in Gimp, the GNU Image Manipulation Program.

For Debian 7 Wheezy, this issue has been fixed in gimp version 2.8.2-2+deb7u2.

We recommend that you upgrade your gimp packages.