Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e560e6f by Moritz Muehlenhoff at 2026-06-24T09:03:40+02:00
trixie triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -148,6 +148,7 @@ CVE-2026-56402 (NanoClaw before 2.1.17 contains a privilege
escalation vulnerabi
NOT-FOR-US: NanoClaw
CVE-2026-56379 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command
injection ...)
- imagemagick 8:7.1.2.15+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xpg8-7m6m-jf56
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/f63c78b3828933f1cc7cf499390248981af765aa
(7.1.2-14)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/9db96365ecab5de69cdec81b9359672b3a827aaa
(7.1.2-14)
@@ -155,11 +156,13 @@ CVE-2026-56379 (ImageMagick before 7.1.2-15 and 6.9.13-40
contains a command inj
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/b4a7adf48e723ab73d2337ada34ee0fee7337250
(6.9.13-39)
CVE-2026-56376 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap
use-after-fr ...)
- imagemagick 8:7.1.2.15+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2gq3-ww97-wfjm
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/f5049954f12c6fcf090a776767526d2a4708d58b
(7.1.2-14)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/94062bdf70dacc9714f2ff46a5920ceac63836cf
(6.9.13-39)
CVE-2026-56371 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory
leak in co ...)
- imagemagick 8:7.1.2.15+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/e6394098af39a9689bb5f0b4eb6a9968e449a8d3
(7.1.2-14)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/073e3e31bb8f3646db365994cf618e998853bef7
(6.9.13-39)
@@ -1072,6 +1075,7 @@ CVE-2026-12806 (A vulnerability has been found in Edimax
BR-6478AC V2 1.23. The
NOT-FOR-US: Edimax
CVE-2026-12805 (A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected
element ...)
- dcmtk 3.7.0+really3.7.0-6 (bug #1140562)
+ [trixie] - dcmtk <no-dsa> (Minor issue)
NOTE: https://support.dcmtk.org/redmine/issues/1208
NOTE: Fixed by:
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105b
CVE-2026-11748 (A vulnerability has been identified in
centraldogma-server-auth-shiro ...)
@@ -1200,11 +1204,13 @@ CVE-2025-71348 (picklescan before 0.0.28 fails to
detect malicious pickle files
NOT-FOR-US: picklescan
CVE-2026-56367 (ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40
contains an int ...)
- imagemagick 8:7.1.2.15+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-273h-m46v-96q4
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/5b91ab69af614024255fd93dcc9a62b41fbc435c
(7.1.2-14)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/f4976eb8efe87009eec7cb12f62a3abd1cef4881
(6.9.13-39)
CVE-2026-56378 (ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40)
contains a heap ...)
- imagemagick 8:7.1.2.15+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wgxp-q8xq-wpp9
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/436e5d2589e3c0adc10d9aa189e81d5d088d8207
(7.1.2-14)
CVE-2026-52911 (In the Linux kernel, the following vulnerability has been
resolved: k ...)
@@ -23104,10 +23110,12 @@ CVE-2026-4630 (A flaw was found in Keycloak. An
authenticated client could explo
CVE-2026-47784 (In memcached before 1.6.42, password data for SASL password
database a ...)
{DLA-4601-1}
- memcached 1.6.42-1 (bug #1137214)
+ [trixie] - memcached <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed
(1.6.42)
CVE-2026-47783 (In memcached before 1.6.42, username data for SASL password
database a ...)
{DLA-4601-1}
- memcached 1.6.42-1 (bug #1137214)
+ [trixie] - memcached <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed
(1.6.42)
CVE-2026-47358 (Terrascan v1.18.3 and prior are vulnerable to Server-Side
Request Forg ...)
NOT-FOR-US: Terrascan
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e560e6f45782c301beaed32d30c6583b28c05c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e560e6f45782c301beaed32d30c6583b28c05c7
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits