GNOME Bugzilla – Bug 679215
Potential buffer overflow in GIMP 2.6.x (confirmed in 2.6.11) [CVE-2012-2763]
Last modified: 2012-07-03 12:46:41 UTC
Created attachment 217755
CVE-2012-2763

As reported by Joseph Sheridan (http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html), GIMP 2.6.x is vulnerable to a potential buffer overflow when a long command is sent to the script-fu server. The attached patch addresses this.

--mancha
2.6 is no longer supported. We determined that 2.8 and master are not vulnerable due to the patch that you quote already being in these branches. So I'm resolving this as WONTFIX as 2.6 is no longer supported.
FWIW, pushed to gimp-2-6:

commit 744f7a4a2b5acb8b531a6f5dd8744ebb95348fc2
Author: Kevin Cozens <kcozens@cvs.gnome.org>
Date:   Mon Aug 17 19:29:02 2009 -0400

    script-fu: Bug #679215: Fixed potential buffer overflow in readstr_upto()

    Cherry picked from commit 76155d79df8d497d9a5994029247387e222da9e9.

gimp-2-6 is no longer maintained. But we might as well commit this for the benefit of EL/LTS distros. This patch hasn't even been compiled, so YMMV. Enjoy.
(In reply to comment #2)
> FWIW, pushed to gimp-2-6:

Highly appreciated! Thanks!