Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: PSI alerts for GIMP 2.8
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: |
And, this specific program: GIMP 2.x |
| aaaaaaaaaaaaaaaaa | PSI alerts for GIMP 2.8 |
|---|---|
 |
14th Aug, 2012 22:31 |
|
Ranking: -5 Posts: 41 User Since: 15th Dec, 2008 System Score: 100% Location: N/A |
PSI founds the version 2.8.0 of GIMP and claims it was unsecure. It refers while doing that to SA49314. The SA itself claims versions prior to 2.8.0 were affected and it recommends update to 2.8.0. However, 2.8 already installed, and it is the program which PSI supposes to be insecure. Where does this strange alert come from? How to explain the inconsistency in background? What to do as next? On vendors page I can find any newer version than that already installed and detected by PSI as vulnerable!!!! Program Name: GIMP 2.x Security State: Insecure Download Link: http://www.gimp.org/downloads/ Instances Found: C:\Program Files\Gimp\bin\gimp-2.8.exe, version: 2.8.0.0 Last System Scan (localtime): 14. Aug 2012, 21:53 Operating System: Microsoft Windows Vista |
| Maurice Joyce | RE: PSI alerts for GIMP 2.8 | ||||||||
|
14th Aug, 2012 23:35 | ||||||||
| Score: 10510 Posts: 8,071 User Since: 4th Jan 2009 System Score: 100% Location: UK |
Have you tried a full PSI rescan? -- Maurice Windows 7 SP1 64 Bit OS HP Intel Pentium i7 IE 10 for Windows 7 16GB RAM |
||||||||
|
|||||||||
| aaaaaaaaaaaaaaaaa | RE: PSI alerts for GIMP 2.8 | ||||||||
|
|
15th Aug, 2012 09:11 | ||||||||
| Score: -5 Posts: 41 User Since: 15th Dec 2008 System Score: 100% Location: N/A Last edited on 15th Aug, 2012 09:13 |
Yes, I tried it. No help. The same results. One additional issue regarding this issue: some other PC in our lan (that case a Win XP based one) is affected as well. |
||||||||
|
|||||||||
| BlindFreakazoid | RE: PSI alerts for GIMP 2.8 | ||||||||
|
|
17th Aug, 2012 18:21 | ||||||||
| Score: 0 Posts: 1 User Since: 17th Aug 2012 System Score: N/A Location: DE |
On my system it's even stranger, see [1]. However, the tray icon is green... I'm using PSI 3.0.0.1002 (Beta). [1] http://imgur.com/ADYHk |
||||||||
|
|||||||||
| Websafe | RE: PSI alerts for GIMP 2.8 | ||||||||
|
|
17th Aug, 2012 21:56 | ||||||||
| Score: 79 Posts: 104 User Since: 24th May 2009 System Score: 100% Location: NL |
Hello all, Installed Gimp-2.8.0-setup.exe into a sandbox, on: Windows XP-home SP3 and Secunia PSI 2.0.0.3003. At first Gimp was recognized as secure, however PSI recognized 2 files: C:\Sandbox\Websafe\DefaultBox\drive\C\Program Files\GIMP 2\bin\libgtk-win32-2.0-0.dll, version 2.24.10.0 C:\Sandbox\Websafe\DefaultBox\drive\C\Program Files\GIMP 2\bin\gimp-2.8.exe, version 2.8.0.0 I decided to rename libgtk-win32-2.0-0.dll to libgtk-win32-2.0-0.dll.bak and did new complete PSI scan. This time PSI recognized Gimp as insecure, by only: C:\Sandbox\Websafe\DefaultBox\drive\C\Program Files\GIMP 2\bin\gimp-2.8.exe, version 2.8.0.0 Can't make a 100 % conclusion, but it seems likely that if PSI recognizes libgtk-win32-2.0-0.dll and gimp-2.8.exe separately, Gimp will be recognized as insecure, which seems a false positive to me. Have a nice day, Websafe. |
||||||||
|
|||||||||
