diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2026-03-05 12:07:11 +0100 |
|---|---|---|
| committer | Anuj Mittal <anuj.mittal@oss.qualcomm.com> | 2026-03-24 08:47:06 +0530 |
| commit | 210ce6945cb84ec116acbba9366447e5a0cfd38b (patch) | |
| tree | 37f8d7a70895f676acc11947a6d4c55afcda6be9 /meta-gnome | |
| parent | 276a3b71954f8d953e9f20212726c86c09343fa9 (diff) | |
| download | meta-openembedded-210ce6945cb84ec116acbba9366447e5a0cfd38b.tar.gz | |
gimp: patch CVE-2026-2045
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-2045
Pick the patch associated with the relevant upstream issue[1].
[1]: https://gitlab.gnome.org/GNOME/gimp/-/issues/15293
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-gnome')
| -rw-r--r-- | meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch | 36 | ||||
| -rw-r--r-- | meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb | 1 |
2 files changed, 37 insertions, 0 deletions
diff --git a/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch b/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch new file mode 100644 index 0000000000..c084b5704f --- /dev/null +++ b/meta-gnome/recipes-gimp/gimp/gimp/CVE-2026-2045.patch | |||
| @@ -0,0 +1,36 @@ | |||
| 1 | From 584e67bdd529ab37b50eeba7e62e975af8c6d617 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Jacob Boerema <jgboerema@gmail.com> | ||
| 3 | Date: Thu, 15 Jan 2026 10:12:07 -0500 | ||
| 4 | Subject: [PATCH] plug-ins: fix #15293 security issue ZDI-CAN-28265 | ||
| 5 | |||
| 6 | Just like we did in commit 4eb106f2bff2d9b8e518aa455a884c6f38d70c6a | ||
| 7 | we need to make sure that the offset in the colormap is valid before | ||
| 8 | using it, before using it to compute the RGB values. | ||
| 9 | |||
| 10 | CVE: CVE-2026-2045 | ||
| 11 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gimp/-/commit/68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275] | ||
| 12 | Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> | ||
| 13 | --- | ||
| 14 | plug-ins/common/file-xwd.c | 10 +++++++++- | ||
| 15 | 1 file changed, 9 insertions(+), 1 deletion(-) | ||
| 16 | |||
| 17 | diff --git a/plug-ins/common/file-xwd.c b/plug-ins/common/file-xwd.c | ||
| 18 | index 53e4cd2..8ab11c0 100644 | ||
| 19 | --- a/plug-ins/common/file-xwd.c | ||
| 20 | +++ b/plug-ins/common/file-xwd.c | ||
| 21 | @@ -1624,7 +1624,14 @@ load_xwd_f2_d16_b16 (const gchar *filename, | ||
| 22 | |||
| 23 | for (j = 0; j < ncols; j++) | ||
| 24 | { | ||
| 25 | - cm = ColorMap + xwdcolmap[j].l_pixel * 3; | ||
| 26 | + goffset offset = xwdcolmap[j].l_pixel * 3; | ||
| 27 | + | ||
| 28 | + if (offset+2 >= maxval) | ||
| 29 | + { | ||
| 30 | + g_message (_("Invalid colormap offset. Possibly corrupt image.")); | ||
| 31 | + return NULL; | ||
| 32 | + } | ||
| 33 | + cm = ColorMap + offset; | ||
| 34 | *(cm++) = (xwdcolmap[j].l_red >> 8); | ||
| 35 | *(cm++) = (xwdcolmap[j].l_green >> 8); | ||
| 36 | *cm = (xwdcolmap[j].l_blue >> 8); | ||
diff --git a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb index 4f273a7cbb..d38160a864 100644 --- a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb +++ b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb | |||
| @@ -56,6 +56,7 @@ SRC_URI = "https://download.gimp.org/pub/${BPN}/v${SHPV}/${BP}.tar.bz2 \ | |||
| 56 | file://CVE-2025-2761.patch \ | 56 | file://CVE-2025-2761.patch \ |
| 57 | file://CVE-2026-0797.patch \ | 57 | file://CVE-2026-0797.patch \ |
| 58 | file://CVE-2026-2044.patch \ | 58 | file://CVE-2026-2044.patch \ |
| 59 | file://CVE-2026-2045.patch \ | ||
| 59 | " | 60 | " |
| 60 | SRC_URI[sha256sum] = "50a845eec11c8831fe8661707950f5b8446e35f30edfb9acf98f85c1133f856e" | 61 | SRC_URI[sha256sum] = "50a845eec11c8831fe8661707950f5b8446e35f30edfb9acf98f85c1133f856e" |
| 61 | 62 | ||
