| Package | gimp |
|---|---|
| Version | 2.8.18-1+deb9u4 (stretch), 2.10.8-2+deb10u3 (buster) |
| Related CVEs | CVE-2025-5473 |
ICO file parsing integer overflow has been fixed in GIMP, the GNU Image Manipulation Program.
For Debian 10 buster, these problems have been fixed in version 2.10.8-2+deb10u3.
For Debian 9 stretch, these problems have been fixed in version 2.8.18-1+deb9u4.
We recommend that you upgrade your gimp packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.