Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 50800649 by Salvatore Bonaccorso at 2026-07-11T21:51:28+02:00 Add new imagemagick issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,13 +1,30 @@ CVE-2026-61870 (ImageMagick before 7.1.2-26 contains a memory leak vulnerability in th ...) - TODO: check + - imagemagick 8:7.1.2.26+dfsg1-1 + NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/fdbf39ba9a681e53e6025d40501ae5a2bfec3000 (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/3c574f9ba5387f5f11669fdb4d4e8febc199dca3 (6.9.13-51) CVE-2026-61861 (ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in ...) - TODO: check + - imagemagick 8:7.1.2.26+dfsg1-1 + NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvxh-prvr-85w2 + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/f89d59c5370cc48b758148cbdbea84c50511fee8 (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/0091f38a106601893c77c2d298708048cd2930f5 (6.9.13-51) CVE-2026-61858 (ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in ...) - TODO: check + - imagemagick 8:7.1.2.26+dfsg1-1 + NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v3j6-27vc-7pw2 + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/19c11cb0aefbd627c95c4c08c44722e660025aa1 (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/5fbcfe76fd8be554e30ec1d8723c00ae8b68f470 (6.9.13-51) CVE-2026-61857 (ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerabili ...) - TODO: check + - imagemagick 8:7.1.2.26+dfsg1-1 + NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh5g-q395-cx4j + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/150c9852402ac1aa1f223e5bf5109e3a2022ebbc (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/e1d94d92d985f8c0bb648ddbcd70ba3362a84674 (6.9.13-51) CVE-2026-61465 (ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the a ...) - TODO: check + - imagemagick 8:7.1.2.26+dfsg1-1 + NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rvhp-75f6-9jqh + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/dd0dedbecff931e93c4e72a57f7108bb13f76cf7 (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/0bcf10763277cdf0f61cf85e786575ae8665f13b (7.1.2-26) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/1f57c1bdfc1d5e71e4cbd464cca0a569f7fd0733 (6.9.13-51) + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/a3201b8c08ad271458bafbd91f7eb4e9976e7399 (6.9.13-51) CVE-2026-61454 (The Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 2.0.4 embed ...) NOT-FOR-US: Grav CMS plugin CVE-2026-61448 (Parse Server is affected by a stored cross-site scripting (XSS) vulner ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50800649a883973ed199c38580b4b2f31b534f95 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50800649a883973ed199c38580b4b2f31b534f95 You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
