ELA-1005-1 gimp security update

multiple vulnerabilities

2023-11-21
Package: gimp
Version: 2.8.18-1+deb9u2 (stretch)
Related CVEs: CVE-2022-30067, CVE-2023-44442, CVE-2023-44444


Multiple vulnerabilities were fixed in GIMP, the GNU Image Manipulation Program.

CVE-2022-30067

Out-of-memory with crafted XCF file.

CVE-2023-44442

PSD file parsing buffer overflow.

CVE-2023-44444

PSP file parsing buffer overflow.


For Debian 9 stretch, these problems have been fixed in version 2.8.18-1+deb9u2.

We recommend that you upgrade your gimp packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.