Red Hat Local Security Checks : RedHat Update for gimp RHSA-2016:2589-02

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.871699

Categoría: Red Hat Local Security Checks

Título: RedHat Update for gimp RHSA-2016:2589-02

Resumen: The remote host is missing an update for the 'gimp'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'gimp'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The GIMP (GNU Image Manipulation Program)
is an image composition and editing program. GIMP provides a large image
manipulation toolbox, including channel operations and layers, effects, sub-pixel
imaging and anti-aliasing, and conversions, all with multi-level undo.

The following packages have been upgraded to a newer upstream version: gimp
(2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595)

Security Fix(es):

* Multiple use-after-free vulnerabilities were found in GIMP in the channel
and layer properties parsing process when loading XCF files. An attacker
could create a specially crafted XCF file which could cause GIMP to crash.
(CVE-2016-4994)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section.

Affected Software/OS:
gimp on
Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-4994
1036226
http://www.securitytracker.com/id/1036226
91425
http://www.securityfocus.com/bid/91425
DSA-3612
http://www.debian.org/security/2016/dsa-3612
RHSA-2016:2589
http://rhn.redhat.com/errata/RHSA-2016-2589.html
SSA:2016-203-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987
USN-3025-1
http://www.ubuntu.com/usn/USN-3025-1
https://bugzilla.gnome.org/show_bug.cgi?id=767873
https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f
openSUSE-SU-2016:1727
http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.871699
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for gimp RHSA-2016:2589-02
Resumen:	The remote host is missing an update for the 'gimp'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'gimp' package(s) announced via the referenced advisory. Vulnerability Insight: The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. The following packages have been upgraded to a newer upstream version: gimp (2.8.16), gimp-help (2.8.2). (BZ#1298226, BZ#1370595) Security Fix(es): * Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files. An attacker could create a specially crafted XCF file which could cause GIMP to crash. (CVE-2016-4994) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section. Affected Software/OS: gimp on Red Hat Enterprise Linux Server (v. 7) Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4994 1036226 http://www.securitytracker.com/id/1036226 91425 http://www.securityfocus.com/bid/91425 DSA-3612 http://www.debian.org/security/2016/dsa-3612 RHSA-2016:2589 http://rhn.redhat.com/errata/RHSA-2016-2589.html SSA:2016-203-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987 USN-3025-1 http://www.ubuntu.com/usn/USN-3025-1 https://bugzilla.gnome.org/show_bug.cgi?id=767873 https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f openSUSE-SU-2016:1727 http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html
Copyright	Copyright (C) 2016 Greenbone AG