Multiple vulnerabilities was discovered and fixed in gimp: Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself . Stack-based buffer overflow in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Number of lights field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself . Stack-based buffer overflow in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself . Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a PSP_COMP_RLE image file that begins a long run count at the end of the image . Packages for 2009.0 are provided as of the Extended Maintenance Program