Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7f7938b8 by Moritz Muehlenhoff at 2026-01-04T23:22:07+01:00
trixie/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2219,6 +2219,8 @@ CVE-2025-69210 (FacturaScripts is open-source enterprise
resource planning and a
CVE-2025-69204 (ImageMagick is free and open-source software used for editing
and mani ...)
{DLA-4429-1}
- imagemagick 8:7.1.2.12+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hrh7-j8q2-4qcw
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/2c08c2311693759153c9aa99a6b2dcb5f985681e
(7.1.2-12)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/c46bc2a29d0712499173c6ffda1d38d7dc8861f5
(6.9.13-37)
@@ -2339,6 +2341,8 @@ CVE-2025-68974 (Improper Control of Filename for
Include/Require Statement in PH
CVE-2025-68950 (ImageMagick is free and open-source software used for editing
and mani ...)
{DLA-4429-1}
- imagemagick 8:7.1.2.12+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/204718c2211903949dcfc0df8e65ed066b008dec
(7.1.2-12)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/5655e26ee9032a208ad9add1fde2877205d5e540
(6.9.13-37)
@@ -2347,6 +2351,8 @@ CVE-2025-68926 (RustFS is a distributed object storage
system built in Rust. In
CVE-2025-68618 (ImageMagick is free and open-source software used for editing
and mani ...)
{DLA-4429-1}
- imagemagick 8:7.1.2.12+dfsg1-1
+ [trixie] - imagemagick <no-dsa> (Minor issue)
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p27m-hp98-6637
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/6f431d445f3ddd609c004a1dde617b0a73e60beb
(7.1.2-12)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/693c8497290ea0c7cac75d3068ea4fa70d7d507e
(6.9.13-37)
@@ -15763,6 +15769,8 @@ CVE-2025-66478
REJECTED
CVE-2025-66453 (Rhino is an open-source implementation of JavaScript written
entirely ...)
- rhino <unfixed> (bug #1121953)
+ [trixie] - rhino <no-dsa> (Minor issue)
+ [bookworm] - rhino <no-dsa> (Minor issue)
[bullseye] - rhino <postponed> (Minor issue)
NOTE:
https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x
NOTE: Fixed by:
https://github.com/mozilla/rhino/commit/b333c3ec7a86409d62b0aab315129584fe18cb9e
(Rhino1_7_15_1_Release)
@@ -796757,8 +796765,7 @@ CVE-2012-4247 (Multiple cross-site scripting (XSS)
vulnerabilities in lists/admi
CVE-2012-4246 (Multiple cross-site scripting (XSS) vulnerabilities in
lists/admin/ind ...)
- phplist <itp> (bug #612288)
CVE-2012-4245 (The scriptfu network server in GIMP 2.6 does not require
authenticatio ...)
- - gimp <unfixed> (unimportant)
- NOTE: The interface isn't designed or advertised to be secure, this is
hardly a security issue in practice
+ NOTE: Bogus issue: The interface isn't designed or advertised to be
secure
CVE-2012-4244 (ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x
before 9.9. ...)
{DSA-2547-1}
- bind9 1:9.8.4.dfsg-1 (bug #693015)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7938b854017f2758285069e258d54d5196a11f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7938b854017f2758285069e258d54d5196a11f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
