Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c397f00 by Salvatore Bonaccorso at 2026-06-11T22:11:52+02:00
Add more imagemagick issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -116,17 +116,34 @@ CVE-2026-4096 (IBM DevOps Plan 3.0.0 through 3.0.6 is
vulnerable to HTTP header
CVE-2026-49982 (tmp is a temporary file and directory creator for node.js. In
version ...)
TODO: check
CVE-2026-49219 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xcjm-wqff-m669
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/d1bf6bcf357fef944280263892dadf84fbb2211d
(7.1.2-24)
+ NOTE: Fixed by: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/ac84db0cfd4891c0474b7bfdd3c1d016aa57216a
(6.9.13-49)
CVE-2026-49218 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8pj9-6897-74xc
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/84fbcef8a558b1da075417a89d29aa5632d57f63
(7.1.2-24)
+ NOTE: Fixed by: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/14faf35495e9191f54bc63df44383a76f5cf16d9
(6.9.13-49)
CVE-2026-48994 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4v89-6mgq-6rgc
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/44df3a54af31b8d33fa5e40b4dc61d051c4a5d9a
(7.1.2-24)
+ NOTE: Fixed by: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/662a1667d115a65b22a3792755431fc9c1f31d89
(6.9.13-49)
CVE-2026-48734 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h36c-3666-h489
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/9ee821731faee8c4cc44103cc4180854046bb13c
(7.1.2-24)
+ NOTE: Fixed by: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/60153856299c66689e3620b8347c0cc32c807d95
(6.9.13-49)
CVE-2026-48733 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5v62-8fq6-cp9m
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/3a12d63368e88350ed838966fcbb67625938cf3a
(7.1.2-24)
+ NOTE: Fixed by: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/1a59a4f31acca06f90a1f83424ef991a60f76b61
(6.9.13-49)
CVE-2026-48724 (ImageMagick is free and open-source software used for editing
and mani ...)
- TODO: check
+ - imagemagick 8:7.1.2.24+dfsg1-1
+ NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2hhq-c99x-492r
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/017c7efe4d63b953b35ab96fc0939ba3620e4739
(7.1.2-24)
CVE-2026-48547 (KanaDojo contains a command injection vulnerability that
allows an att ...)
TODO: check
CVE-2026-48546 (KanaDojo before 0.1.18 contains a sandbox escape vulnerability
that al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c397f00f8f19b53a4a1b278f8432a38e2b61850
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c397f00f8f19b53a4a1b278f8432a38e2b61850
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits