mirror of
git://slackware.nl/current.git
synced 2024-12-29 10:25:00 +01:00
65d9c1e075
patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release, needed by the GIMP upgrade.
patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz: Upgraded.
This release fixes security issues:
If a user loads a malicious DDS, PSD, or PSP file, this could result in a
program crash or possibly the execution of arbitrary code.
Please note that this package also requires the updated gegl package.
Thanks to henca for the heads-up.
For more information, see:
https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/
https://www.zerodayinitiative.com/advisories/ZDI-23-1591/
https://www.zerodayinitiative.com/advisories/ZDI-23-1592/
https://www.zerodayinitiative.com/advisories/ZDI-23-1593/
https://www.zerodayinitiative.com/advisories/ZDI-23-1594/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444
(* Security fix *)
26 lines
704 B
Diff
26 lines
704 B
Diff
--- ./operations/common/introspect.c.orig 2020-12-20 06:16:48.799965900 -0600
|
|
+++ ./operations/common/introspect.c 2020-12-21 15:41:14.459774463 -0600
|
|
@@ -48,7 +48,7 @@
|
|
|
|
dot = g_find_program_in_path ("dot");
|
|
|
|
- if (! dot || op_introspect->user_data || op_introspect->node == NULL)
|
|
+ if (op_introspect->user_data || op_introspect->node == NULL)
|
|
return;
|
|
|
|
/* Construct temp filenames */
|
|
@@ -175,12 +175,9 @@
|
|
gegl_introspect_is_available (void)
|
|
{
|
|
gchar *dot;
|
|
- gboolean found = FALSE;
|
|
-
|
|
- dot = g_find_program_in_path ("dot");
|
|
- found = (dot != NULL);
|
|
- g_free (dot);
|
|
+ gboolean found = TRUE;
|
|
|
|
+ /* always return TRUE to avoid a runtime check on dot */
|
|
return found;
|
|
}
|
|
|