[Gimp-developer] ANNOUNCE: GIMP 2.8.18 released



Hi,

we are releasing GIMP 2.8.18 with a number of bug fixes, including
the fix for a vulnerability found in the XCF loading code:

CVE-2016-4994
Use-after-free vulnerability in the xcf_load_image function

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994

This is a bugfix release in the stable 2.8 series, no
new features were added.

For a complete list of changes since 2.8.16 please see the "Changes"
section below. Also see the release notes of the 2.8 series at
https://www.gimp.org/release-notes/gimp-2.8.html

Happy GIMPing,
--Michael


Download
========

  GIMP 2.8.18 is available from:

  https://download.gimp.org/pub/gimp/v2.8/

  and from the mirrors listed at:

  https://www.gimp.org/downloads/#mirrors

  Please use the torrent, it distributes
  the download bandwidth across all mirrors:

  https://download.gimp.org/pub/gimp/v2.8/gimp-2.8.18.tar.bz2.torrent

  The checksum of the tarball is:

  5adaa11a68bc8a42bb2c778fee4d389c  gimp-2.8.18.tar.bz2


Overview of Changes from GIMP 2.8.16 to GIMP 2.8.18
===================================================


Core:

 - Initialize fontconfig cache in separate thread to keep GUI
   responsive on first startup
 - Properly recognize layer masks as deactivated, e.g. for moving layers
 - Create $XDG_DATA_HOME if it doesn't exist
 - (CVE-2016-4994) Multiple Use-After-Free when parsing XCF channel
   and layer properties
 - Fix progress access to prevent crash on rapid sequence of commands
 - Fix crash in gimp-gradient-segment-range-move


GUI:

 - Disable color picker buttons on OS X to prevent a GUI lockup
 - Disable "new-style" full-screen mode on OS X to prevent a crash
 - Pulsing progress bar in splash screen to indicate unknown durations
 - Fix gamut warning color for lcms display filter
 - Fix unbolding of bold font on edit
 - Prevent accidental renaming of wrong adjacent item


Installer:

 - Change compression settings to decrease size by 20%
 - Add Catalan, Danish, French, Dutch


Plug-ins:

 - Fix crash on sRGB JPEG image drag & drop
 - Fix ambiguous octal-escaped output of c-source
 - Fix KISS CEL export
 - Fix progress bar for file-compressor
 - Make Script-Fu regex match return proper character indexes for
   Unicode characters
 - Fix Script-Fu modulo for large numbers


General:

 - Documentation updates
 - Bug fixes
 - Translation updates


Contributors
============

  Adrian Likins, Ell, Jehan, Jernej Simončič, João S. O. Bueno,
  Kristian Rietveld, Massimo Valentini, Michael Natterer, Michael
  Schumacher,  Pedro Gimeno, Shmuel H, Simon Budig, Sven Claussner,
  Thomas Manni


Translators
===========

  Alexandre Prokoudine, Anders Jonsson, Ask Hjorth Larsen, Balázs Úr,
  Baurzhan Muftakhidinov, Christian Kirbach, Cédric Valmary, Dimitris
  Spingos, Dimitris Spingos (Δημήτρης Σπίγγος), Dušan Kazik, Gábor
  Kelemen, Marco Ciampa, Mario Blättermann, Martin Srebotnjak, Piotr
  Drąg, Rafael Fontenelle, Sveinn í Felli, Tiago Santos, Милош Поповић,


-- 
Regards,
Michael
GPG: 96A8 B38A 728A 577D 724D 60E5 F855 53EC B36D 4CDD

Attachment: signature.asc
Description: OpenPGP digital signature



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]