ELSA-2025-22866

ULN >
Oracle Linux Errata repository >
ELSA-2025-22866

ELSA-2025-22866 - gimp security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-12-18

Description

[2:2.22-1.0.5]
- Fixes CVE-2025-10922 and CVE-2025-10934 [Orabug: 38739185]

[2:2.8.22-1.0.3]
- Fixes CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow) [Orabug: 38110877]
- Fixes CVE-2025-48797 (Multiple heap buffer overflows in TGA parser)
- Fixes CVE-2025-48798 (Multiple use after free in XCF parser)

Related CVEs

CVE-2025-10922

CVE-2025-10934

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	gimp-2.8.22-1.0.5.el7.src.rpm	db31275c66b969ac5b63ce63dbf1f877c864b3ceff0c38c36a6c9deee596279b	-	ol7_x86_64_latest_ELS
	gimp-2.8.22-1.0.5.el7.x86_64.rpm	8ea73a20c83ad1241788f85428d06ab538d341f593f804b3ff673b2f9e6369e3	-	ol7_x86_64_latest_ELS
	gimp-devel-2.8.22-1.0.5.el7.i686.rpm	087f8bc2e98a77dc7bf374aeec08535167fb0aaa56c2b9656dcd368396229b79	-	ol7_x86_64_latest_ELS
	gimp-devel-2.8.22-1.0.5.el7.x86_64.rpm	beaec0c2613c0f86005cfb35596f7f99a61edff365e056c56c74f20e24138609	-	ol7_x86_64_latest_ELS
	gimp-devel-tools-2.8.22-1.0.5.el7.x86_64.rpm	67c03fe7e7a44b5b9f5cfc6386f7213d582b11505c8151681b7140de63594bc2	-	ol7_x86_64_latest_ELS
	gimp-libs-2.8.22-1.0.5.el7.i686.rpm	64408c703c6c374b795b333de1537742384bf48e92f9eabe7ece515e89228919	-	ol7_x86_64_latest_ELS
	gimp-libs-2.8.22-1.0.5.el7.x86_64.rpm	3f5d50474df88e267e4e63e1ef711b44302c9e92741706e9127074287b8270b0	-	ol7_x86_64_latest_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691