Debian Security Advisory

DSA-4077-1 gimp -- security update

Date Reported:
30 Dec 2017
Affected Packages:
Security database references:
In the Debian bugtracking system: Bug 884836, Bug 884837, Bug 884862, Bug 884925, Bug 884927, Bug 885347.
In Mitre's CVE dictionary: CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789.
More information:

Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service (application crash) or potentially the execution of arbitrary code if malformed files are opened.

For the oldstable distribution (jessie), these problems have been fixed in version 2.8.14-1+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 2.8.18-1+deb9u1.

We recommend that you upgrade your gimp packages.

For the detailed security status of gimp please refer to its security tracker page at: