Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5327476 by Moritz Mühlenhoff at 2026-06-21T15:58:49+02:00
imagemagick DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2675,6 +2675,7 @@ CVE-2026-36849 [Denial of Service via large
SamplesPerPixel tag]
NOTE: Fixed by:
https://gitlab.com/libtiff/libtiff/-/commit/eedba405d3695b52faae65994c5904f228eca0bf
CVE-2026-XXXX [default policy.xml HTTP/HTTPS/URL delegate rules are no-ops]
- imagemagick 8:7.1.2.25+dfsg1-2 (bug #1140176)
+ [trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u10
CVE-2026-9507 (A session fixation vulnerability has been identified in
osTicket v1.18 ...)
- osticket <itp> (bug #998157)
CVE-2026-9307 (A sensitive information disclosure security issue exists within
the af ...)
@@ -286602,7 +286603,7 @@ CVE-2024-27005 (In the Linux kernel, the following
vulnerability has been resolv
NOTE:
https://git.kernel.org/linus/de1bf25b6d771abdb52d43546cf57ad775fb68a1 (6.9-rc5)
CVE-2024-27004 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
{DSA-5681-1 DSA-5680-1 DLA-3842-1}
- - linux 6.8.9-1
+ - hinux 6.8.9-1
NOTE:
https://git.kernel.org/linus/e581cf5d216289ef292d1a4036d53ce90e122469 (6.9-rc5)
CVE-2024-27003 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
{DSA-5680-1}
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Jun 2026] DSA-6356-1 imagemagick - security update
+ {CVE-2026-48724 CVE-2026-48734 CVE-2026-48994 CVE-2026-49218
CVE-2026-49219 CVE-2026-53460 CVE-2026-53461 CVE-2026-53463 CVE-2026-53464}
+ [trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u10
[21 Jun 2026] DSA-6355-1 linux - security update
{CVE-2025-22069 CVE-2025-68251 CVE-2025-68768 CVE-2025-71289
CVE-2026-23247 CVE-2026-23272 CVE-2026-23346 CVE-2026-23394 CVE-2026-23469
CVE-2026-31420 CVE-2026-31486 CVE-2026-31560 CVE-2026-31613 CVE-2026-31663
CVE-2026-31717 CVE-2026-43116 CVE-2026-43219 CVE-2026-43245 CVE-2026-43303
CVE-2026-43331 CVE-2026-45838 CVE-2026-45839 CVE-2026-45840 CVE-2026-45841
CVE-2026-45842 CVE-2026-45843 CVE-2026-45844 CVE-2026-45845 CVE-2026-45846
CVE-2026-45850 CVE-2026-45930 CVE-2026-46117 CVE-2026-46137 CVE-2026-46158
CVE-2026-46160 CVE-2026-46170 CVE-2026-46203 CVE-2026-46216 CVE-2026-46244
CVE-2026-46274 CVE-2026-46275 CVE-2026-46315 CVE-2026-46316 CVE-2026-46319
CVE-2026-46320 CVE-2026-46321 CVE-2026-46322 CVE-2026-46323 CVE-2026-46331
CVE-2026-52908 CVE-2026-52909 CVE-2026-52910 CVE-2026-52911}
[trixie] - linux 6.12.94-1
=====================================
data/dsa-needed.txt
=====================================
@@ -40,9 +40,6 @@ gst-plugins-bad1.0
--
gst-plugins-good1.0 (jmm)
--
-imagemagick
- Bastien Roucaries will prepare updates
---
jetty9
--
jetty12
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5327476b8e3f7009fa58c8f918689030cef4498
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5327476b8e3f7009fa58c8f918689030cef4498
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
