[Cucumber-linux-security] gimp (security update is available)

[Scott C. <z5...@z5...>]

  Update Information

A security update is available for gimp for the following versions of
Cucumber Linux:

  * 1.0
  * 1.1 Beta

Here are the details from the Cucumber 1.0 changelog:

+----------------+
Tue Dec 19 13:32:27 EST 2017
xapps-general/gimp rebuilt (build 2) to fix Gnome Bug #739133 (CLD-182), a 
	security vulnerability in the fli importer of GIMP that could be used to
	trigger an out of bounds write, which naturally has the potential to
	lead to arbitrary code execution. This vulnerability has yet to be
	assigned a CVE ID. For more information see:
		http://security.cucumberlinux.com/security/details.php?id=182
		https://bugzilla.gnome.org/show_bug.cgi?id=739133
multilib/xapps-general/gimp-lib_i686 rebuilt (build 2, x86_64 only)
* SECURITY FIX *
+----------------+

------------------------------------------------------------------------


  CLD and CVE Information

This update is associated with the following Cucumber Linux Deficiency
(CLD) and CVE numbers:

  * CLD-182 (http://security.cucumberlinux.com/security/details.php?id=182)

More information about these CLDs can be found at their respective pages
on the Cucumber Linux Security Advisory Tracker (these are the URLs in
parenthesis above).

------------------------------------------------------------------------


  Installing the Update

The updated package can be installed via Pickle by running the following
commands (as root):

# pickle --update
# pickle

Make sure gimp is selected on the update list, and then select Ok.
Pickle will then install the updated package.

If you prefer to download the updated package manually, it can be found
on the mirror at http://mirror.cucumberlinux.com/cucumber/.

------------------------------------------------------------------------
The Cucumber Linux Security Team
cuc...@li...
<mailto:cuc...@li...>
http://www.cucumberlinux.com/security.php