{"id":"CLSA-2026-1773655369","summary":"gimp: Fix of 4 CVEs","details":"- CVE-2026-2044: fix uninitialized memory read in PGM file parser\n- CVE-2026-2045: fix heap buffer overflow in XWD file loader\n- CVE-2026-2048: fix out-of-bounds write in XWD file loader\n- CVE-2026-0797: fix missing fread return value checks in ICO file loader","modified":"2026-06-01T00:32:43.212089979Z","published":"2026-03-16T12:49:29Z","upstream":["CVE-2026-2044","CVE-2026-2045","CVE-2026-2048","CVE-2026-0797"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1773655369.html"}],"affected":[{"package":{"name":"gimp","ecosystem":"TuxCare:AlmaLinux:9.6","purl":"pkg:rpm/tuxcare/gimp?distro=almalinux-9.6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.99.8-4.el9_6.2.tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1773655369.json"}},{"package":{"name":"gimp-devel","ecosystem":"TuxCare:AlmaLinux:9.6","purl":"pkg:rpm/tuxcare/gimp-devel?distro=almalinux-9.6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.99.8-4.el9_6.2.tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1773655369.json"}},{"package":{"name":"gimp-devel-tools","ecosystem":"TuxCare:AlmaLinux:9.6","purl":"pkg:rpm/tuxcare/gimp-devel-tools?distro=almalinux-9.6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.99.8-4.el9_6.2.tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1773655369.json"}},{"package":{"name":"gimp-libs","ecosystem":"TuxCare:AlmaLinux:9.6","purl":"pkg:rpm/tuxcare/gimp-libs?distro=almalinux-9.6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:2.99.8-4.el9_6.2.tuxcare.els5"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1773655369.json"}}],"schema_version":"1.7.5"}