ELSA-2025-9501

ULN >
Oracle Linux Errata repository >
ELSA-2025-9501

ELSA-2025-9501 - gimp security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-07-02

Description

[2:2.8.22-1.0.3]
- Fixes CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow) [Orabug: 38110877]
- Fixes CVE-2025-48797 (Multiple heap buffer overflows in TGA parser)
- Fixes CVE-2025-48798 (Multiple use after free in XCF parser)

Related CVEs

CVE-2025-48797

CVE-2025-48798

CVE-2025-5473

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	gimp-2.8.22-1.0.3.el7.src.rpm	01b04a1e79ac2fe1836163474b83658a9cfd230349b9b58448868b5923be48dd	-	ol7_x86_64_latest_ELS
	gimp-2.8.22-1.0.3.el7.x86_64.rpm	3cdd23cefc29bf288a58cafb46781856813184934c0ef161b0af2d59800d74e1	-	ol7_x86_64_latest_ELS
	gimp-devel-2.8.22-1.0.3.el7.i686.rpm	151e468cd7c8f621bfe6fe9f0bce724a48f4cf490e88175b5f1c4c1edf05c8f7	-	ol7_x86_64_latest_ELS
	gimp-devel-2.8.22-1.0.3.el7.x86_64.rpm	2f29830f461b4b5409983ca1d4aaa6b9bba4fc92847361d2ca734ef81011f69d	-	ol7_x86_64_latest_ELS
	gimp-devel-tools-2.8.22-1.0.3.el7.x86_64.rpm	3b3fac647517b661b58e1b604b62a18b23c905b0ca7ffd98e23789b3b09744d4	-	ol7_x86_64_latest_ELS
	gimp-libs-2.8.22-1.0.3.el7.i686.rpm	db9cf810f71a578be8eca4c6f174cfa46d9e060bc492597de494afde64812ad9	-	ol7_x86_64_latest_ELS
	gimp-libs-2.8.22-1.0.3.el7.x86_64.rpm	b7bb252467f9d1e3190b292270583ba017a04fcd15df5064841b600f9dacfb5a	-	ol7_x86_64_latest_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691