ubuntu/+source/gimp:ubuntu/trusty-security

Last commit made on 2018-01-22
Get this branch:
git clone -b ubuntu/trusty-security https://git.launchpad.net/ubuntu/+source/gimp
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/trusty-security
Repository:
lp:ubuntu/+source/gimp

Recent commits

00c4034... by Leonidas S. Barbosa on 2018-01-18

Import patches-unapplied version 2.8.10-0ubuntu1.2 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: a157f9e1c80c491e162cc54475cfe74e8b83f0c8

New changelog entries:
  * SECURITY UPDATE: Heap-buffer over-read in load_image file-gbr.c
    - debian/patches/CVE-2017-17784.patch: fix in plug-ins/common/file-gbr.c.
    - CVE-2017-17784
  * SECURITY UPDATE: Heap-based buffer overflow in fli_read_brun function
    - debian/patches/CVE-2017-17785.patch: fix in plug-ins/file-fli/fli.c.
    - CVE-2017-17785
  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2017-17786.patch: fix in plug-ins/common/file-tga.c.
    - CVE-2017-17786
  * SECURITY UPDATE: Heap-based buffer over-read in read_creator_block
    - debian/patches/CVE-2017-17787.patch: fix in plug-ins/common/file-psp.c.
    - CVE-2017-17787
  * SECURITY UPDATE: Stack-based buffer over-read in xcf_load_stream
    - debian/patches/CVE-2017-17788.patch: fix in app/xcf/xcf.c.
    - CVE-2017-17788
  * SECURITY UPDATE: Heap-based buffer overflow in read_channel_data
    - debian/patches/CVE-2017-17789.patch: fix in plug-ins/common/file-psp.c.
    - CVE-2017-17789

a157f9e... by Marc Deslauriers on 2016-06-30

Import patches-unapplied version 2.8.10-0ubuntu1.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 19b46396e5ad40e5758cd2f5aa47a828a9391c45

New changelog entries:
  * SECURITY UPDATE: multiple issues in XCF channel and layer properties
    - debian/patches/CVE-2016-4994.patch: properly clear pointers in
      app/xcf/xcf-load.c.
    - CVE-2016-4994

19b4639... by Sebastien Bacher on 2014-01-16

Import patches-unapplied version 2.8.10-0ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 6492550b03cb808487024570ff84ceff16f7d405

New changelog entries:
  * New upstream version
  * debian/patches/lcms2.patch:
    - dropped, the new version has support for the new lcms
  * debian/rules:
    - use --with-lcms=lcms2

6492550... by Matthias Klose on 2013-12-16

Import patches-unapplied version 2.8.6-1ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: a391f4e4e85b84d140ee7b4152e9fb2ca943c5af

New changelog entries:
  * Build using lcms2.
  * Build using dh-autoreconf.

a391f4e... by Marc Deslauriers on 2013-12-06

Import patches-unapplied version 2.8.6-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 9a8cdcd3443f0fad660288ac2dcffb9fd9e307f7

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    huge color maps in xwd plugin
    - debian/patches/CVE-2013-1913.patch: limit number of color map entries
      in plug-ins/common/file-xwd.c.
    - CVE-2013-1913
  * SECURITY UPDATE: denial of service and possible code execution via
    large number of color map entries in xwd plugin
    - debian/patches/CVE-2013-1978.patch: validate number of color map
      entries in plug-ins/common/file-xwd.c
    - CVE-2013-1978
  * debian/patches/freetype-251.patch: fix FTBFS with newer freetype.

9a8cdcd... by Sebastien Bacher on 2013-08-29

Import patches-unapplied version 2.8.6-1ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: c3b759309d2eb8413cf3dbca12249873f40e552d

New changelog entries:
  * Synchronize with Debian (LP: #1207734). Remaining changes:
    - debian/patches/02_help-message.patch,
      debian/patches/03_gimp.desktop.in.in.patch:
      + Update some strings for Ubuntu
    - debian/control:
      + Update description
    - debian/rules:
      + Set gettext domain and update translation templates

c3b7593... by Ari Pollak on 2013-07-02

Import patches-unapplied version 2.8.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1aa9edd6145929a1a2401a3aa56c9eda57d482df

New changelog entries:
  * Imported Upstream version 2.8.6
    - Fixes some single window closing behavior (Closes: #686345)
  * Tighten dependency on gdk-pixbuf (Closes: #712616)

1aa9edd... by Ari Pollak on 2013-02-23

Import patches-unapplied version 2.8.4-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c977f1d01864722ca548462b33c38c6ae298fdcc

New changelog entries:
  * Imported Upstream version 2.8.4

c977f1d... by Ari Pollak on 2012-11-23

Import patches-unapplied version 2.8.2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2d3e2683c5769a54f5087bacadad5481af963411

New changelog entries:
  * xwd-corruption.patch:
    - Fix memory corruption bug when reading XWD files (Closes: #693977)

2d3e268... by Ari Pollak on 2012-09-10

Import patches-unapplied version 2.8.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 965340f762a03941e95c054467b518f900abf36e

New changelog entries:
  * Imported Upstream version 2.8.2
    - Fixes a security hole in the CEL plugin (Closes: #685397) (CVE-2012-3403)
    - Fixes a security hole in the GIF plugin (CVE-2012-3481)
    - Fixes link failures on on hurd-i386 (Closes: #677342)
    - Fixes incorrect window title after exporting (Closes: #673898)
  * Don't overwrite LDFLAGS from dpkg-buildflags