[Git][security-tracker-team/security-tracker][master] openjdk-25, imagemagick DSAs

Sun, 03 May 2026 07:50:40 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b2fa2617 by Moritz Mühlenhoff at 2026-05-03T16:49:45+02:00
openjdk-25, imagemagick DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -35756,7 +35756,6 @@ CVE-2026-25982 (ImageMagick is free and open-source 
software used for editing an
 CVE-2026-25971 (ImageMagick is free and open-source software used for editing 
and mani ...)
        {DSA-6158-1 DLA-4539-1}
        - imagemagick 8:7.1.2.15+dfsg1-1
-       [bookworm] - imagemagick <ignored> (Minor issue, too intrusive to 
backport)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/9313e530b37272b748898febd42b5949756f0179
 (7.1.2-14)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/9795300c611926fc895dd4e02a34ce185d8ed651
 (6.9.13-39)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,9 @@
+[03 May 2026] DSA-6246-1 openjdk-25 - security update
+       {CVE-2026-22007 CVE-2026-22008 CVE-2026-22013 CVE-2026-22016 
CVE-2026-22018 CVE-2026-22021 CVE-2026-34268 CVE-2026-34282}
+       [trixie] - openjdk-25 25.0.3+9-2~deb13u1
+[03 May 2026] DSA-6245-1 imagemagick - security update
+       {CVE-2026-25971 CVE-2026-33899 CVE-2026-33900 CVE-2026-33901 
CVE-2026-33905 CVE-2026-33908 CVE-2026-34238 CVE-2026-40310 CVE-2026-40311}
+       [bookworm] - imagemagick 8:6.9.11.60+dfsg-1.6+deb12u9
 [02 May 2026] DSA-6244-1 incus - security update
        {CVE-2026-40195 CVE-2026-40197 CVE-2026-40243 CVE-2026-40251 
CVE-2026-41647 CVE-2026-41648 CVE-2026-41684 CVE-2026-41685}
        [trixie] - incus 6.0.4-2+deb13u7


=====================================
data/dsa-needed.txt
=====================================
@@ -66,8 +66,6 @@ nghttp2
 --
 nodejs/oldstable (jmm)
 --
-openjdk-25/stable (jmm)
---
 opennds/oldstable
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2fa26171f84218fff8ba14a15b68fe69bdcb682

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2fa26171f84218fff8ba14a15b68fe69bdcb682
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to