In GIMP 2.8.22, there is a stack-based buffer over-read in xcf_load_stream in app/xcf/xcf.c when there is no '\0' character after the version string. Upstream bug: https://bugzilla.gnome.org/show_bug.cgi?id=790783 Upstream patch: https://git.gnome.org/browse/gimp/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126
Created gimp tracking bugs for this issue: Affects: fedora-all [bug 1529149]