pool/gimp
SHA256
19
0
Fork 4
Code Issues Pull Requests 3 Activity

WIP: Synch with factory #2

Draft
mgorse wants to merge 8 commits from mgorse/gimp:leap-16.0 into leap-16.0
pull from: mgorse/gimp:leap-16.0
merge into: pool:leap-16.0
Conversation 6 Commits 8 Files Changed 4 +231 -8
mgorse commented 2025-11-14 23:04:12 +01:00
First-time contributor
Copy Link

CVE fixes

CVE fixes
mgorse added 8 commits 2025-11-14 23:04:13 +01:00
Update the changelog to fillup the security fix history. (CVE-2025-2760, bsc#1241690) 215ad970f6 
OBS-URL: https://build.opensuse.org/package/show/graphics/gimp?expand=0&rev=93
Accepting request 1300479 from graphics 55775f7b05 
OBS-URL: https://build.opensuse.org/request/show/1300479
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=155
- Add gimp-CVE-2025-10924.patch: Fix integer overflow while parsing e830296eae 
FF files. (CVE-2025-10924, bsc#1250499)

OBS-URL: https://build.opensuse.org/package/show/graphics/gimp?expand=0&rev=94
Accepting request 1307522 from home:qzhao:branches:graphics 4f27ad9d25 
1, Add gimp-CVE-2025-10925.patch: Fix GIMP ILBM file parsing stack-based buffer overflow remote code execution vulnerability. (CVE-2025-10925, ZDI-25-914, ZDI-CAN-27793, bsc#1250501); 2, Add gimp-CVE-2025-10922.patch: Fix GIMP DCM file parsing heap-based buffer overflow remote code execution vulnerability. (CVE-2025-10922, ZDI-25-911, ZDI-CAN-27863, bsc#1250497); 3, Add gimp-CVE-2025-10920.patch: Prevent overflow attack by checking if output >= max, not just output > max. (CVE-2025-10920, ZDI-25-909, ZDI-CAN-27684, bsc#1250495)

OBS-URL: https://build.opensuse.org/request/show/1307522
OBS-URL: https://build.opensuse.org/package/show/graphics/gimp?expand=0&rev=95
Accepting request 1307201 from graphics d9d6023463 
OBS-URL: https://build.opensuse.org/request/show/1307201
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=156
Accepting request 1309048 from graphics 3bfee05c38 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1309048
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=157
- Update to 3.0.6 9f10d8d269 
OBS-URL: https://build.opensuse.org/package/show/graphics/gimp?expand=0&rev=96
Accepting request 1309404 from graphics 22c272bab6 
- Update to 3.0.6

OBS-URL: https://build.opensuse.org/request/show/1309404
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=158
autogits_workflow_pr_bot requested review from legaldb 2025-11-14 23:04:42 +01:00
autogits_workflow_pr_bot requested review from maintenance-release-review 2025-11-14 23:04:42 +01:00
autogits_workflow_pr_bot requested review from opensuse-review 2025-11-14 23:04:43 +01:00
maintenance-release-review commented 2025-11-14 23:06:26 +01:00
First-time contributor
Copy Link

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @maintenance-release-review: approve.
To request changes on behalf of the group, create the following comment: @maintenance-release-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@maintenance-release-review: approve`. To request changes on behalf of the group, create the following comment: `@maintenance-release-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
opensuse-review commented 2025-11-14 23:07:48 +01:00
Member
Copy Link

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @opensuse-review: approve.
To request changes on behalf of the group, create the following comment: @opensuse-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@opensuse-review: approve`. To request changes on behalf of the group, create the following comment: `@opensuse-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.
legaldb commented 2025-11-14 23:20:12 +01:00
Member
Copy Link

Legal reviewed as acceptable:

Accepted because previously reviewed under the same license (470261)
Legal reviewed as [acceptable](https://legaldb.suse.de/reviews/details/489403): ``` Accepted because previously reviewed under the same license (470261) ```
report.md
2.1 KiB
legaldb approved these changes 2025-11-14 23:20:12 +01:00
msmeissn commented 2025-11-17 14:47:14 +01:00
First-time contributor
Copy Link

fwiw does not build on slfo 1.2, gtk3 too old.

fwiw does not build on slfo 1.2, gtk3 too old.
mgorse commented 2025-11-17 16:13:42 +01:00
Author
First-time contributor
Copy Link

Oh, sorry--I just assumed that the update would be safe. It shouldn't really require 3.24.51; I'll update the factory package so that it builds on SLFO and adjust the PR.

Oh, sorry--I just assumed that the update would be safe. It shouldn't really require 3.24.51; I'll update the factory package so that it builds on SLFO and adjust the PR.
mgorse changed title from Synch with factory to WIP: Synch with factory 2025-11-17 16:24:08 +01:00
This pull request is marked as a work in progress.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u leap-16.0:mgorse-leap-16.0
git checkout mgorse-leap-16.0
Sign in to join this conversation.
Reviewers
No Reviewers
maintenance-release-review
opensuse-review
legaldb
Labels
Clear labels
legaldb
Critical Priority
Critical legaldb priority
Archived
legaldb
High Priority
2
High legaldb priority
legaldb
Normal Priority
1
Normal legaldb priority
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
adamm_super adrianSuSE autobuild-owner autobuild-review autogits_workflow_pr_bot bigironman dirkmueller eroca factory_bot gitea_test legaldb lkocman-factory maxlin_factory opensuse-review packagehub-review smithfarm
No Assignees
5 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: pool/gimp#2
Delete Branch "mgorse/gimp:leap-16.0"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?