[SECURITY] Fedora 17 Update: gimp-2.8.4-1.fc17

updates at fedoraproject.org updates at fedoraproject.org
Thu Feb 21 05:37:27 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-2000
2013-02-08 01:05:23
--------------------------------------------------------------------------------

Name        : gimp
Product     : Fedora 17
Version     : 2.8.4
Release     : 1.fc17
URL         : http://www.gimp.org/
Summary     : GNU Image Manipulation Program
Description :
GIMP (GNU Image Manipulation Program) is a powerful image composition and
editing program, which can be extremely useful for creating logos and other
graphics for webpages. GIMP has many of the tools and filters you would expect
to find in similar commercial offerings, and some interesting extras as well.
GIMP provides a large image manipulation toolbox, including channel operations
and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all
with multi-level undo.

--------------------------------------------------------------------------------
Update Information:

Among other things this update fixes a vulnerability with corrupt XWD files and a crash with newer versions of fontconfig when gimp is quit.

Overview of Changes from GIMP 2.8.2 to GIMP 2.8.4
=================================================


GUI:

 - Better names for the default filters in save and export
 - Make tool drawing (esp. the brush outline) much more responsive
 - Remember the "maximized" state across sessions
 - Simplify the splash image code a lot, makes it appear immediately again
 - Allow the text tool to start on an image without layers
 - Various fixes for text style attribute handling
 - Set unconfigured input devices to eraser if GTK+ says they are erasers


Libgimp:

 - Make libgimp drawable combo boxes aware of layer groups
 - Fix item width in GimpPageSelector (used e.g. in PDF import)


Plug-ins:

 - Better default values in the Drop Shadow script
 - Fix a whole bunch of bugs in the BMP plug-in


General:

 - Lots of bug fixes
 - Lots of translation updates
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  6 2013 Nils Philippsen <nils at redhat.com> - 2:2.8.4-1
- version 2.8.4
* Mon Jan 28 2013 Nils Philippsen <nils at redhat.com> - 2:2.8.2-7
- build with -fno-strict-aliasing
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 2:2.8.2-6.1
- rebuild due to "jpeg8-ABI" feature drop
* Wed Nov 21 2012 Nils Philippsen <nils at redhat.com>
- make rpmlint happy again
* Mon Nov 19 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-6
- fix gimprc syntax error introduced in previous patch
* Thu Nov 15 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-5
- try using the system monitor profile for color management by default (patch
  by Richard Hughes)
* Wed Nov 14 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-4
- fix marking file dialogs as transient if opened from context menu (#835736)
* Tue Nov 13 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-3
- don't trip over too much installed memory, reenable all tests
- realign selection after "Crop to Selection" (#873212, fix by Michael
  Natterer)
* Sat Oct 20 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-2
- run "make check", skip problematic tests
- don't build help browser on EL
* Fri Aug 24 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.2-1
- version 2.8.2
* Mon Aug 20 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.0-3
- fix crash in fits loader (#834627)
- fix overflow in CEL plug-in (CVE-2012-3403)
- fix overflow in GIF loader (CVE-2012-3481)
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2:2.8.0-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 25 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.0-2
- build with poppler >= 0.20.0 from Fedora 18 on as it is GPLv2/GPLv3
  dual-licensed
* Thu May 10 2012 Nils Philippsen <nils at redhat.com> - 2:2.8.0-1
- version 2.8.0
* Wed Apr 25 2012 Nils Philippsen <nils at redhat.com>
- update BR: librsvg2-devel >= 2.36.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #879302 - CVE-2012-5576 gimp (XWD plug-in): Stack-based buffer overflow when loading XWD file
        https://bugzilla.redhat.com/show_bug.cgi?id=879302
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update gimp' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list