Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
50800649 by Salvatore Bonaccorso at 2026-07-11T21:51:28+02:00
Add new imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,30 @@
 CVE-2026-61870 (ImageMagick before 7.1.2-26 contains a memory leak 
vulnerability in th ...)
-       TODO: check
+       - imagemagick 8:7.1.2.26+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-m596-67p7-69wh
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/fdbf39ba9a681e53e6025d40501ae5a2bfec3000
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/3c574f9ba5387f5f11669fdb4d4e8febc199dca3
 (6.9.13-51)
 CVE-2026-61861 (ImageMagick before 7.1.2-26 contains a use-after-free 
vulnerability in ...)
-       TODO: check
+       - imagemagick 8:7.1.2.26+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvxh-prvr-85w2
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/f89d59c5370cc48b758148cbdbea84c50511fee8
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/0091f38a106601893c77c2d298708048cd2930f5
 (6.9.13-51)
 CVE-2026-61858 (ImageMagick before 7.1.2-26 contains a policy bypass 
vulnerability in  ...)
-       TODO: check
+       - imagemagick 8:7.1.2.26+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v3j6-27vc-7pw2
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/19c11cb0aefbd627c95c4c08c44722e660025aa1
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/5fbcfe76fd8be554e30ec1d8723c00ae8b68f470
 (6.9.13-51)
 CVE-2026-61857 (ImageMagick before 7.1.2-26 contains a heap use-after-free 
vulnerabili ...)
-       TODO: check
+       - imagemagick 8:7.1.2.26+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh5g-q395-cx4j
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/150c9852402ac1aa1f223e5bf5109e3a2022ebbc
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/e1d94d92d985f8c0bb648ddbcd70ba3362a84674
 (6.9.13-51)
 CVE-2026-61465 (ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check 
for the a ...)
-       TODO: check
+       - imagemagick 8:7.1.2.26+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rvhp-75f6-9jqh
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/dd0dedbecff931e93c4e72a57f7108bb13f76cf7
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/0bcf10763277cdf0f61cf85e786575ae8665f13b
 (7.1.2-26)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/1f57c1bdfc1d5e71e4cbd464cca0a569f7fd0733
 (6.9.13-51)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/a3201b8c08ad271458bafbd91f7eb4e9976e7399
 (6.9.13-51)
 CVE-2026-61454 (The Grav Admin2 plugin (getgrav/grav-plugin-admin2) before 
2.0.4 embed ...)
        NOT-FOR-US: Grav CMS plugin
 CVE-2026-61448 (Parse Server is affected by a stored cross-site scripting 
(XSS) vulner ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50800649a883973ed199c38580b4b2f31b534f95

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50800649a883973ed199c38580b4b2f31b534f95
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to