Making good bug reports is a great way to help increase the software quality of GIMP. A good bug report is a bug report that provides unambigous step-by-step instructions on how to reproduce the bug, what result that is expected, and what the actual result it. Good bug reports makes it easy for the developers to reproduce and fix the bug.
Related to bug reports are enhancement requests. An enhancement request should never be filed without prior discussion on the gimp-developer mailing list. This is to make sure that the enhancement requests that are filed are well-specified and aligned with the overall goals the developers have for GIMP.
More information about Bugzilla, and bug hunting in general, can be found at http://wiki.gimp.org/. See also why we are using Bugzilla to handle bug reports. The rest of this page contains more detailed information regarding bug reports.
Since correctly submitting a bug report requires you to use tools you may have not used previously, we have created two documents. The first helps you to learn Bugzilla, which is the bug system used by GIMP developers to track bug reports. If you are fixing a problem yourself, the second document shows you how to properly create and submit a patch.
Below are different links into Bugzilla which show you lists of open and closed bugs. You can also search manually, but these links are often more convienient. With the help of the lists below you should be able to see if the bug you have found has already been reported. If it has been reported, and you have additional information, please add a comment with the additional information!
Some bug reports may be related to security issues. For example, a file plug-in may be vulnerable to a buffer overflow allowing arbitrary code execution when loading an image. We believe that the best way to report these vulnerabilities is through Bugzilla, as described above. This will ensure that the bug is reviewed and handled quickly (if necessary, a developer may decide to hide a sensitive bug report from other users until it is fixed). But if you really do not want to use Bugzilla for security reports and you do not mind some extra delay, you can also contact a limited set of GIMP developers by mail @gimp.org, using the special alias “security”. What will happen next is that a developer will review the issue and submit it in Bugzilla, usually as a hidden bug report only visible to developers. This will take a bit longer than if you directly submit the bug yourself, but we know that some people have a policy of not disclosing security vulnerabilities publicly, so we provide that address for their convenience.