plug-in): heap buffer overflow when loading external palette files

Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS palette file, which triggers an "invalid free."...

gimp security update

2:2.2.13-2.0.7.el58.5 - fix overflow in GIF loader CVE-2012-3481 2:2.2.13-2.0.7.el58.4 - fix overflows in PSD plugin CVE-2009-3909, CVE-2012-3402 - fix heap corruption and overflow in GIF plug-in CVE-2011-2896 - fix overflow in CEL plug-in CVE-2012-3403...