Debian DSA-4077-1 : gimp - security update

Medium Nessus Plugin ID 105499


The remote Debian host is missing a security-related update.


Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service (application crash) or potentially the execution of arbitrary code if malformed files are opened.


Upgrade the gimp packages.

For the oldstable distribution (jessie), these problems have been fixed in version 2.8.14-1+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 2.8.18-1+deb9u1.

See Also

Plugin Details

Severity: Medium

ID: 105499

File Name: debian_DSA-4077.nasl

Version: $Revision: 3.3 $

Type: local

Agent: unix

Published: 2018/01/02

Modified: 2018/01/29

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P


Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:gimp, cpe:/o:debian:debian_linux:8.0, cpe:/o:debian:debian_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 2017/12/30

Reference Information

CVE: CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789

DSA: 4077