Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1c397f00 by Salvatore Bonaccorso at 2026-06-11T22:11:52+02:00
Add more imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -116,17 +116,34 @@ CVE-2026-4096 (IBM DevOps Plan 3.0.0 through 3.0.6 is 
vulnerable to HTTP header
 CVE-2026-49982 (tmp is a temporary file and directory creator for node.js. In 
version  ...)
        TODO: check
 CVE-2026-49219 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xcjm-wqff-m669
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/d1bf6bcf357fef944280263892dadf84fbb2211d
 (7.1.2-24)
+       NOTE: Fixed by: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/ac84db0cfd4891c0474b7bfdd3c1d016aa57216a
 (6.9.13-49)
 CVE-2026-49218 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8pj9-6897-74xc
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/84fbcef8a558b1da075417a89d29aa5632d57f63
 (7.1.2-24)
+       NOTE: Fixed by: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/14faf35495e9191f54bc63df44383a76f5cf16d9
 (6.9.13-49)
 CVE-2026-48994 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4v89-6mgq-6rgc
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/44df3a54af31b8d33fa5e40b4dc61d051c4a5d9a
 (7.1.2-24)
+       NOTE: Fixed by: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/662a1667d115a65b22a3792755431fc9c1f31d89
 (6.9.13-49)
 CVE-2026-48734 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-h36c-3666-h489
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/9ee821731faee8c4cc44103cc4180854046bb13c
 (7.1.2-24)
+       NOTE: Fixed by: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/60153856299c66689e3620b8347c0cc32c807d95
 (6.9.13-49)
 CVE-2026-48733 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5v62-8fq6-cp9m
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/3a12d63368e88350ed838966fcbb67625938cf3a
 (7.1.2-24)
+       NOTE: Fixed by: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/1a59a4f31acca06f90a1f83424ef991a60f76b61
 (6.9.13-49)
 CVE-2026-48724 (ImageMagick is free and open-source software used for editing 
and mani ...)
-       TODO: check
+       - imagemagick 8:7.1.2.24+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2hhq-c99x-492r
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/017c7efe4d63b953b35ab96fc0939ba3620e4739
 (7.1.2-24)
 CVE-2026-48547 (KanaDojo contains a command injection vulnerability that 
allows an att ...)
        TODO: check
 CVE-2026-48546 (KanaDojo before 0.1.18 contains a sandbox escape vulnerability 
that al ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c397f00f8f19b53a4a1b278f8432a38e2b61850

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c397f00f8f19b53a4a1b278f8432a38e2b61850
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to