Hi! All the bugs mentionned in the CC list are marked as "Workaround entry for DSA-XXXX-1 until CVEs assigned" in the security tracker:
https://security-tracker.debian.org/tracker/source-package/imagemagick I did not find CVE requests on the OSS-security list. Have those requests been formally made yet? If not, do you wish for me to make a formal request? I am processing those issues as part of the Debian LTS project and would be happy to lend a hand if necessary. Thanks! A. -- L'art n'est pas un bureau d'anthropométrie. - Léo Ferré, "Préface"