The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Gimp: buffer overflow via a Sun Raster image

Synthesis of the vulnerability 

An attacker can create an image containing a high number of colours in order to generate an overflow on computers of Gimp users.
Vulnerable products: Debian, Fedora, GIMP, Mandriva Linux, Windows (platform) ~ not comprehensive, openSUSE, Solaris, RHEL, TurboLinux, Unix (platform) ~ not comprehensive.
Severity of this weakness: 2/4.
Creation date: 27/04/2007.
Revision date: 10/05/2007.
Références of this bulletin: 103170, 20070502-01-P, 201320, 6263045, 6569966, 6569992, 9 Jun 2007 17:09:18, BID-23680, CERTA-2007-AVI-240, CVE-2007-2356, FEDORA-2007-0725, FEDORA-2007-489, FEDORA-2007-491, FEDORA-2007-618, FEDORA-2007-619, MDKSA-2007:108, RHSA-2007:0343-01, SUSE-SR:2007:011, TLSA-2007-34, VIGILANCE-VUL-6768.

Description of the vulnerability 

The Sun Raster format is used for bitmap images, and is recognized by the Gimp drawing software.

When a SUNRAS image contains a large number of colours, an overflow occurs in set_color_table() function.

An attacker can therefore create a malicious image in order to execute code on computers of Gimp users accepting to open it.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security bulletin impacts software or systems such as Debian, Fedora, GIMP, Mandriva Linux, Windows (platform) ~ not comprehensive, openSUSE, Solaris, RHEL, TurboLinux, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this cybersecurity announce is medium.

The trust level is of type confirmed by the editor, with an origin of document.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this vulnerability alert.

Solutions for this threat 

Gimp: version 2.2.15.
Version 2.2.15 is corrected:
  http://www.gimp.org/downloads/#mirrors

Debian: new gimp packages.
New packages are available:
Debian 3.1
 amd64 architecture (AMD x86_64 (AMD64))
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 43760 a876daebc8d5635bc5a9f6a5136b20ff
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 43502 39f9b1c77aaf7c9151b9078fa623086e
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 543874 5000b6a2a7681b1d9ded45f989085c92
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 3266170 aa057b49433068ce11ae9de639f394ff
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 122058 37e7d984215b57fdf7acf12a73ae2b09
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge2_amd64.deb
    Size/MD5 checksum: 98288 99fffa020fa1b0b671726eba9f83e9ad
 i386 architecture (Intel ia32)
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 98310 0b9026295f1ad7b6c4c5f350a53729d7
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 3087440 00e0f1266ebb33f3e7950715c2b1660e
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 43278 54f5036e2af0ade98d50a85915e09cd1
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 521812 110f658b7b0c1a4f3f8e410e10e3a4c2
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 42732 5a16a28580db0d30f96ae4fe8ffa52d7
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge2_i386.deb
    Size/MD5 checksum: 117056 6c1c69b50355851e126143f5fdfc1699
 ia64 architecture (Intel ia64)
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 98254 313c0ec143bb6f3b1cf0e3c70d7d8696
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 632356 2d9bfa4db1cc43cc271e66980868ccc3
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 4581884 a789407f008585ac02d633d838191a3e
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 46888 f007a08a817b5f70ac245480e9ea37af
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 135838 33ff3cf8a72fc696cb8cd9329e177a87
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.6-1sarge2_ia64.deb
    Size/MD5 checksum: 46630 d89128e6c6649a28a33597afbedcc9a8
Debian 4.0
 amd64 architecture (AMD x86_64 (AMD64))
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 145610 508b5d8a41bfe04366d36d51c0c0cbc2
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 119394 b0cbba33d1c68f3bad61fc84a3c74ccf
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 64802 d4910588d0a93d6edbd48249b87b383e
  http://security.debian.org/pool/updates/main/g/gimp/gimp-dbg_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 8387096 328bacc64dc7829d90a3af1f40e5995a
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 3222986 744e4c8c4c4af9461ef871f371876e85
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 65032 c2ec2427c1ec427795ffe02c68dc4f73
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.13-1etch1_amd64.deb
    Size/MD5 checksum: 574360 9b613ae0074f2b0a3efdab51a694be31
 i386 architecture (Intel ia32)
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 3067878 d41a69e53cbdeaed322eb29a6133f28b
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 547042 f3a4a00c3f7555f1db76f76d23d3e74f
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 139794 d5068cde1414fc9324ff6814e44d9551
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 64092 aa174fa3c5e4adeae8b2eafa6e558bed
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 119398 183416800cc9c1b768962a3dc087528a
  http://security.debian.org/pool/updates/main/g/gimp/gimp-dbg_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 7776248 19a938869e33fbe57ed81c49b9be8640
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.13-1etch1_i386.deb
    Size/MD5 checksum: 64718 d73113ef63d905f2993c0ba729fc9335
 ia64 architecture (Intel ia64)
  http://security.debian.org/pool/updates/main/g/gimp/gimp-svg_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 69564 20d31bfd39e6316bccd83082745f76d8
  http://security.debian.org/pool/updates/main/g/gimp/gimp-helpbrowser_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 69548 e23d6b6e4e2d780ebbd69190773956a1
  http://security.debian.org/pool/updates/main/g/gimp/gimp-dbg_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 8084842 9ec86da8406eaa2b7d7062c9aeae66d2
  http://security.debian.org/pool/updates/main/g/gimp/gimp-python_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 162772 a012ff166d28f3d5f90ac32bc23bad00
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0-dev_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 119402 f953faf239f043b32fa2609d38182fa0
  http://security.debian.org/pool/updates/main/g/gimp/libgimp2.0_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 673930 4049b7a37bc8c50e94e1be74287e9f42
  http://security.debian.org/pool/updates/main/g/gimp/gimp_2.2.13-1etch1_ia64.deb
    Size/MD5 checksum: 4798240 9fdc183ec5cb9496a0ee7f004e9002c6

Fedora 7: new gimp packages.
New packages are available:
af4ed8d9db744c0ef9d3b18af52bef6beb3aa9fb gimp-libs-2.2.15-3.fc7.ppc64.rpm
4cded5ed3dddcef29eb70f2f13d93951f7739ad3 gimp-devel-2.2.15-3.fc7.ppc64.rpm
fb6ad82c1c9760474a9b54dd187059a16173e697 gimp-2.2.15-3.fc7.ppc64.rpm
fbadeea2c64fbe9f30ef31e3e097b4ceefaefb59 gimp-debuginfo-2.2.15-3.fc7.ppc64.rpm
e33ad70e010e39f2b6c4ad7792193f7bde1ddab6 gimp-devel-2.2.15-3.fc7.i386.rpm
eea025a30a815938b84fa384943276424e82183f gimp-debuginfo-2.2.15-3.fc7.i386.rpm
247cd0369ae1af8e5ec9df2d841c14a8c35bbb40 gimp-2.2.15-3.fc7.i386.rpm
94ef7d2127105f40d09c59e16c9650c1bcd7e12b gimp-libs-2.2.15-3.fc7.i386.rpm
e7984a1f1c428c7fbad5b237d27c2f1a9d60787e gimp-debuginfo-2.2.15-3.fc7.x86_64.rpm
e04071193cc82118d1d966a48299ce6c1d332a13 gimp-libs-2.2.15-3.fc7.x86_64.rpm
bed8a43dc5c1b41506b82eb6dc80b45494f840a7 gimp-devel-2.2.15-3.fc7.x86_64.rpm
8b6caab17a9bced374e8ec2e01e067bd1ff98d7b gimp-2.2.15-3.fc7.x86_64.rpm
9d35270e571b396e0a7405b7747cc7b5c4dab34f gimp-2.2.15-3.fc7.ppc.rpm
5eb8bf64fadac804e11029ade7168e5ba20b9a15 gimp-debuginfo-2.2.15-3.fc7.ppc.rpm
20abd437998705003ca2e6212ca1091cac369784 gimp-libs-2.2.15-3.fc7.ppc.rpm
d8fbed64305ccc87d45758946695b25f4b1a38f0 gimp-devel-2.2.15-3.fc7.ppc.rpm
89275abb6bd3026bf5f3d88f7e376811171ebf7b gimp-2.2.15-3.fc7.src.rpm

Fedora Core 5: new gimp 2.2.14-5.fc5 packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
729ed6a6ac211cd2b36cac0e0c545ed204d45487 SRPMS/gimp-2.2.14-5.fc5.src.rpm
729ed6a6ac211cd2b36cac0e0c545ed204d45487 noarch/gimp-2.2.14-5.fc5.src.rpm
c04e4b7b81019594fefc39ce008e8b372f87683c ppc/gimp-2.2.14-5.fc5.ppc.rpm
3a0d3944f284766c705deba6260b72b2fc5e77e2 ppc/gimp-devel-2.2.14-5.fc5.ppc.rpm
01add798f95e1fa3b2aaf2f9b08b628479c9e53e ppc/gimp-libs-2.2.14-5.fc5.ppc.rpm
573b314dfcb14366113db088bddeb0257f49e03c ppc/debug/gimp-debuginfo-2.2.14-5.fc5.ppc.rpm
fc3683a68d956306b02e980e1077769c6c7f1c12 x86_64/gimp-libs-2.2.14-5.fc5.x86_64.rpm
1a48f756d5efb530fbe85af52819db36680b2500 x86_64/debug/gimp-debuginfo-2.2.14-5.fc5.x86_64.rpm
5a542a0a58d94024b07cdeeb9e60777c77c63e97 x86_64/gimp-devel-2.2.14-5.fc5.x86_64.rpm
30fe0315f86289dee30396c7b20f7cec4edb0cf3 x86_64/gimp-2.2.14-5.fc5.x86_64.rpm
82ee257bc06c853e8b3b2921150cd6868895aa21 i386/gimp-devel-2.2.14-5.fc5.i386.rpm
2f6a6e65876342113f8358ed0966634052c2bc0f i386/gimp-libs-2.2.14-5.fc5.i386.rpm
5588880e828c5d4f8c3ea067a827a5dce12a1a55 i386/debug/gimp-debuginfo-2.2.14-5.fc5.i386.rpm
c0df533b9d4e03b6a12235ac673c44b516f23eed i386/gimp-2.2.14-5.fc5.i386.rpm

Fedora Core 5: new gimp 2.2.15-3.fc5 packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
9d5c3a27a5aa554ff4955e1063cdf720d4e6d9c6 SRPMS/gimp-2.2.15-3.fc5.src.rpm
9d5c3a27a5aa554ff4955e1063cdf720d4e6d9c6 noarch/gimp-2.2.15-3.fc5.src.rpm
5499fa12b37669f0551a5094fa54c3e07118cf43 ppc/debug/gimp-debuginfo-2.2.15-3.fc5.ppc.rpm
085a3733525e66d14578fa2c1b719432ddf987e5 ppc/gimp-2.2.15-3.fc5.ppc.rpm
b07dd4e45fd21a8aa3f84c0296f8d59a27dc80f8 ppc/gimp-libs-2.2.15-3.fc5.ppc.rpm
52d048a661a5125f4c937e326a4c7dc790c4e97f ppc/gimp-devel-2.2.15-3.fc5.ppc.rpm
9ba8fe777ed1d088451b16873bc06cd8a75eaee4 x86_64/gimp-2.2.15-3.fc5.x86_64.rpm
0d1d564adcbeac896fb565805f35c702d29da91f x86_64/debug/gimp-debuginfo-2.2.15-3.fc5.x86_64.rpm
eb58d26f004a8085fbe3cbe6179f299dd8dc0f8e x86_64/gimp-libs-2.2.15-3.fc5.x86_64.rpm
b6b4e1593daff51c1822546785a8f8f1a2a04ccb x86_64/gimp-devel-2.2.15-3.fc5.x86_64.rpm
42560a3424b893a096ea5d67193cd6f6360f6cbd i386/gimp-2.2.15-3.fc5.i386.rpm
935c15161ad73160aaf5451bf7bb953726219849 i386/debug/gimp-debuginfo-2.2.15-3.fc5.i386.rpm
9d80dee2575bc4585b64369d869cc00c32281322 i386/gimp-devel-2.2.15-3.fc5.i386.rpm
6fcf6ff98e0b66cbc14149493d3911e2db4296cf i386/gimp-libs-2.2.15-3.fc5.i386.rpm

Fedora Core 6: new gimp 2.2.14-5.fc6 packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
ba8e7ccb71e74904b304ce6925ceae2e8e336f7d SRPMS/gimp-2.2.14-5.fc6.src.rpm
ba8e7ccb71e74904b304ce6925ceae2e8e336f7d noarch/gimp-2.2.14-5.fc6.src.rpm
335e68dd610e71ccab2864bd82a7b1722cea9e4c ppc/gimp-libs-2.2.14-5.fc6.ppc.rpm
1c1c3ba98ced2a5cadd2beb22352596531a952ba ppc/gimp-devel-2.2.14-5.fc6.ppc.rpm
a312592041426da6f955243d74a29a45349bcda7 ppc/debug/gimp-debuginfo-2.2.14-5.fc6.ppc.rpm
602522f2ec567dc3320765c94d8bbe60e9c19763 ppc/gimp-2.2.14-5.fc6.ppc.rpm
b3c1975cbf82590d5c72d7e414fb9e8d39d95d9d x86_64/debug/gimp-debuginfo-2.2.14-5.fc6.x86_64.rpm
524cf3f71081dbd5e44bb256b6894f8b3a4e587e x86_64/gimp-libs-2.2.14-5.fc6.x86_64.rpm
4d3e6966a32618a6752b36c18c7dd70f4ee747ab x86_64/gimp-devel-2.2.14-5.fc6.x86_64.rpm
226b073305b15ac9b242559a2a48f46ffecda5a1 x86_64/gimp-2.2.14-5.fc6.x86_64.rpm
4780aaccaa51d9bdda6b7e839f66df55e3a1bd16 i386/gimp-devel-2.2.14-5.fc6.i386.rpm
a861c10fa4feb6c87dfa058c2f24005933979694 i386/gimp-2.2.14-5.fc6.i386.rpm
f97c7df7801ee038fa789db3ccb8abae2908a168 i386/debug/gimp-debuginfo-2.2.14-5.fc6.i386.rpm
3a74780f66699c7705657c02e275dc7ff0396a33 i386/gimp-libs-2.2.14-5.fc6.i386.rpm

Fedora Core 6: new gimp 2.2.15-3.fc6 packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
b212789ea6e64ac19b8bb42e0769c0eee757fdcc SRPMS/gimp-2.2.15-3.fc6.src.rpm
b212789ea6e64ac19b8bb42e0769c0eee757fdcc noarch/gimp-2.2.15-3.fc6.src.rpm
75f65a92f08fbc34cc4fe738e029cc05e41438ed ppc/gimp-devel-2.2.15-3.fc6.ppc.rpm
3d538fa5225a010764fc5bcc60f0e4ddf5820e71 ppc/gimp-libs-2.2.15-3.fc6.ppc.rpm
170853bebe21ffd98ad916d2cc1a39fb882cbcfc ppc/gimp-2.2.15-3.fc6.ppc.rpm
acc186afea8f66dfe4ba01cb265c17754243ec4c ppc/debug/gimp-debuginfo-2.2.15-3.fc6.ppc.rpm
1e17f0a19b1449073cc742349be1c85a5030b296 x86_64/gimp-2.2.15-3.fc6.x86_64.rpm
959aa378a80ef8d327cc032e8628c6b72c79ec4b x86_64/gimp-devel-2.2.15-3.fc6.x86_64.rpm
0fc844c6c43f310df44b964e9fd6ff21495fd03d x86_64/debug/gimp-debuginfo-2.2.15-3.fc6.x86_64.rpm
ccc1584949d11941727c4ae57e2f8a03f6f3d6da x86_64/gimp-libs-2.2.15-3.fc6.x86_64.rpm
e07bfe602b33a343fe0f8415b7d70c80059cc636 i386/debug/gimp-debuginfo-2.2.15-3.fc6.i386.rpm
93f46150ff04c2805560567053bbd41d73822faa i386/gimp-devel-2.2.15-3.fc6.i386.rpm
3bca800f81269c104ef3e351ca3c9134ee684a6e i386/gimp-2.2.15-3.fc6.i386.rpm
6d9266e770ada8d15dc6d9c5d80a7dc76c015919 i386/gimp-libs-2.2.15-3.fc6.i386.rpm

Mandriva: new gimp packages.
New packages are available:
 Mandriva Linux 2007.0:
 6f2d2ba676a78bc9c8637e594cc7695c 2007.0/i586/gimp-2.3.10-6.2mdv2007.0.i586.rpm
 e961d511b0a4467c0a71da1abed2d9e1 2007.0/i586/gimp-python-2.3.10-6.2mdv2007.0.i586.rpm
 c86f942a4a0e60b29a6c25a9ae1a2aa6 2007.0/i586/libgimp2.0-devel-2.3.10-6.2mdv2007.0.i586.rpm
 bdc40e9348c25965085ab2d38fabca3a 2007.0/i586/libgimp2.0_0-2.3.10-6.2mdv2007.0.i586.rpm
 4b3fd719205b5783c8e95b26152754c1 2007.0/SRPMS/gimp-2.3.10-6.2mdv2007.0.src.rpm
 Mandriva Linux 2007.0/X86_64:
 9d649e883a907a4ee14a01bf20d852a0 2007.0/x86_64/gimp-2.3.10-6.2mdv2007.0.x86_64.rpm
 acebf4019818c698ffa5490226e67b17 2007.0/x86_64/gimp-python-2.3.10-6.2mdv2007.0.x86_64.rpm
 4dd4c15971e1940ef4cadb72c634ddf2 2007.0/x86_64/lib64gimp2.0-devel-2.3.10-6.2mdv2007.0.x86_64.rpm
 3206abfb7c40c66ae0b1900d09ba3ac7 2007.0/x86_64/lib64gimp2.0_0-2.3.10-6.2mdv2007.0.x86_64.rpm
 4b3fd719205b5783c8e95b26152754c1 2007.0/SRPMS/gimp-2.3.10-6.2mdv2007.0.src.rpm
 Mandriva Linux 2007.1:
 a1ab4c6bd8adc03e8dff8d571ea71238 2007.1/i586/gimp-2.3.14-3.1mdv2007.1.i586.rpm
 df478231fee2f1746100a63ddee9fa1c 2007.1/i586/gimp-python-2.3.14-3.1mdv2007.1.i586.rpm
 1e6e115efe6311a08221e59ff0202add 2007.1/i586/libgimp2.0-devel-2.3.14-3.1mdv2007.1.i586.rpm
 c0ca0e48c691d52c057e2e48f126228d 2007.1/i586/libgimp2.0_0-2.3.14-3.1mdv2007.1.i586.rpm
 dbd612719f10a2b5f17766baf33994f6 2007.1/SRPMS/gimp-2.3.14-3.1mdv2007.1.src.rpm
 Mandriva Linux 2007.1/X86_64:
 61be8d037ff7bb07dbd9456bc787d59c 2007.1/x86_64/gimp-2.3.14-3.1mdv2007.1.x86_64.rpm
 809dde5e40c10a22ffa71f79c969c144 2007.1/x86_64/gimp-python-2.3.14-3.1mdv2007.1.x86_64.rpm
 c16813e13a87f367e29336cf3e2e2cdc 2007.1/x86_64/lib64gimp2.0-devel-2.3.14-3.1mdv2007.1.x86_64.rpm
 fef1cea1d6c4938053b6844b22c359e4 2007.1/x86_64/lib64gimp2.0_0-2.3.14-3.1mdv2007.1.x86_64.rpm
 dbd612719f10a2b5f17766baf33994f6 2007.1/SRPMS/gimp-2.3.14-3.1mdv2007.1.src.rpm
 Corporate 3.0:
 8b03f11448dbb4e94e2b8b8dc5224fa2 corporate/3.0/i586/gimp-1.2.5-13.1.C30mdk.i586.rpm
 e2bf163b19111bd0375574ac94f815a0 corporate/3.0/i586/gimp-doc-1.2.5-13.1.C30mdk.i586.rpm
 5818d368ee1d660e4c8f15f5e9ac7ebf corporate/3.0/i586/gimp-perl-1.2.5-13.1.C30mdk.i586.rpm
 4c6769052b0ffc3929191cd357983345 corporate/3.0/i586/libgimp1.2-1.2.5-13.1.C30mdk.i586.rpm
 249569270aca413afc117b1decff2a18 corporate/3.0/i586/libgimp1.2_1-1.2.5-13.1.C30mdk.i586.rpm
 13297c783d7b0c16eb86530025e746bb corporate/3.0/i586/libgimp1.2_1-devel-1.2.5-13.1.C30mdk.i586.rpm
 88ffadd4803267b9271909c2584bd8d8 corporate/3.0/SRPMS/gimp-1.2.5-13.1.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 0b447fbcd1c904381bf2447a314d89af corporate/3.0/x86_64/gimp-1.2.5-13.1.C30mdk.x86_64.rpm
 96df5c88bdee06776d0eae5108508c72 corporate/3.0/x86_64/gimp-doc-1.2.5-13.1.C30mdk.x86_64.rpm
 5275b1da8478c720e516cce148629e86 corporate/3.0/x86_64/gimp-perl-1.2.5-13.1.C30mdk.x86_64.rpm
 0ed195ecae3bcfc25994dee7d8f88134 corporate/3.0/x86_64/lib64gimp1.2-1.2.5-13.1.C30mdk.x86_64.rpm
 968cb26a97556435cd19b5f1ee3199e6 corporate/3.0/x86_64/lib64gimp1.2_1-1.2.5-13.1.C30mdk.x86_64.rpm
 3054dc681958467b93d83d98351de5da corporate/3.0/x86_64/lib64gimp1.2_1-devel-1.2.5-13.1.C30mdk.x86_64.rpm
 88ffadd4803267b9271909c2584bd8d8 corporate/3.0/SRPMS/gimp-1.2.5-13.1.C30mdk.src.rpm

RHEL: new gimp packages.
New packages are available:
Red Hat Enterprise Linux version 2.1: gimp-1.2.1-7.1.el2_1
Red Hat Enterprise Linux version 3: gimp-1.2.3-20.3.el3
Red Hat Enterprise Linux version 4: gimp-2.0.5-6.2.el4
Red Hat Enterprise Linux version 5: gimp-2.2.13-2.el5

SGI ProPack: new packages.
Patch 10405 is available:
  http://support.sgi.com/
New packages are also available:
  ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
  ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS

Solaris: patch for GIMP.
A patch is available:
  SPARC Platform
    Solaris 10 : patch 122212-22
  x86 Platform
    Solaris 9 + JDS release 2 : patch 121775-01
    Solaris 10 : patch 122213-22
A workaround is to ensure the stack is not executable by editing /etc/system :
  set noexec_user_stack = 1
  set noexec_user_stack_log = 1

SUSE: new apache, gimp, zope packages.
New packages are available via YaST or FTP.

Turbolinux: new gimp packages.
New packages are available:
Turbolinux FUJI : gimp-2.2.8-5
Turbolinux 10 Desktop : gimp-1.2.5-5
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computer vulnerability alert. The technology watch team tracks security threats targeting the computer system.