[Added] GIMP (Portable) - App-Request
Name of the app:
- GIMP (Portable)
- Spencer Kimball, Peter Mattis and the GIMP Development Team
Version number displayed in the app:
- 2.10.4 (this is the field Product Version String)
App-Icon: in ICO format
Here is the version information extracted from gimp-2.10.exe:
File name and path: D:\PortableApps\PortableApps\GIMPPortable\App\gimp\bin\gimp-2.10.exe Product Name: GNU Image Manipulation Program Internal Name: gimp-2.10 Original Filename: gimp-2.10.exe File Description: GNU Image Manipulation Program Company: Spencer Kimball, Peter Mattis and the GIMP Development Team Legal Copyright: Copyright Â© 1995-2018 Legal Trademarks: Comments: File Version String: 188.8.131.52 File Version: 184.108.40.206 Product Version String: 2.10.4 Product Version: 220.127.116.11
Version 2.10.6 is now shown.
Found a reference to the open vuln, it was fixed back in 2.10.0-RC1
States on versions 2.10.0 through 2.10.8 has been updated to reflect this
OK, I mark it as fixed
@olli_s We can close it
GIMP is detected correctly, issue seems to be solved.
@Tom should I close it or do you want to leave it opened (because of the filename issue)?
Also, detection will fail when they go to version 2.12 or whatever the next minor release is called, since they change the filename.
We will consider if this should be detected automatically, since there is a few apps that do it this way (though it mostly seems to be an old way of doing it).
Generic detection added.
However, GIMP seems to be vulnerable to this old vuln:
CVE-2017-17789 in file-psp.exe
There is no immediate announcements or entries in the changelog about this being fixed.
If someone has more information, please share it.