Ubuntu Security Notice 880-1 – Stefan Cornelius discovered that GIMP did not correctly handle certain malformed BMP files. If a user were tricked into opening a specially crafted BMP file, an attacker could execute arbitrary code with the user’s privileges. Stefan Cornelius discovered that GIMP did not correctly handle certain malformed PSD files. If a user were tricked into opening a specially crafted PSD file, an attacker could execute arbitrary code with the user’s privileges. This issue only applied to Ubuntu 8.10, 9.04 and 9.10.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/84911/USN-880-1.txt
Source: https://packetstormsecurity.com/files/84911/Ubuntu-Security-Notice-880-1.html