Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7e560e6f by Moritz Muehlenhoff at 2026-06-24T09:03:40+02:00
trixie triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -148,6 +148,7 @@ CVE-2026-56402 (NanoClaw before 2.1.17 contains a privilege 
escalation vulnerabi
        NOT-FOR-US: NanoClaw
 CVE-2026-56379 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command 
injection ...)
        - imagemagick 8:7.1.2.15+dfsg1-1
+       [trixie] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xpg8-7m6m-jf56
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/f63c78b3828933f1cc7cf499390248981af765aa
 (7.1.2-14)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/9db96365ecab5de69cdec81b9359672b3a827aaa
 (7.1.2-14)
@@ -155,11 +156,13 @@ CVE-2026-56379 (ImageMagick before 7.1.2-15 and 6.9.13-40 
contains a command inj
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/b4a7adf48e723ab73d2337ada34ee0fee7337250
 (6.9.13-39)
 CVE-2026-56376 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap 
use-after-fr ...)
        - imagemagick 8:7.1.2.15+dfsg1-1
+       [trixie] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-2gq3-ww97-wfjm
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/f5049954f12c6fcf090a776767526d2a4708d58b
 (7.1.2-14)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/94062bdf70dacc9714f2ff46a5920ceac63836cf
 (6.9.13-39)
 CVE-2026-56371 (ImageMagick before 7.1.2-15 and 6.9.13-40 contains a memory 
leak in co ...)
        - imagemagick 8:7.1.2.15+dfsg1-1
+       [trixie] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3q5f-gmjc-38r8
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/e6394098af39a9689bb5f0b4eb6a9968e449a8d3
 (7.1.2-14)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/073e3e31bb8f3646db365994cf618e998853bef7
 (6.9.13-39)
@@ -1072,6 +1075,7 @@ CVE-2026-12806 (A vulnerability has been found in Edimax 
BR-6478AC V2 1.23. The
        NOT-FOR-US: Edimax
 CVE-2026-12805 (A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected 
element ...)
        - dcmtk 3.7.0+really3.7.0-6 (bug #1140562)
+       [trixie] - dcmtk <no-dsa> (Minor issue)
        NOTE: https://support.dcmtk.org/redmine/issues/1208
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d4b3815c0987840a983160bfc671fef63a3105b
 CVE-2026-11748 (A vulnerability has been identified in 
centraldogma-server-auth-shiro  ...)
@@ -1200,11 +1204,13 @@ CVE-2025-71348 (picklescan before 0.0.28 fails to 
detect malicious pickle files
        NOT-FOR-US: picklescan
 CVE-2026-56367 (ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 
contains an int ...)
        - imagemagick 8:7.1.2.15+dfsg1-1
+       [trixie] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-273h-m46v-96q4
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/5b91ab69af614024255fd93dcc9a62b41fbc435c
 (7.1.2-14)
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/f4976eb8efe87009eec7cb12f62a3abd1cef4881
 (6.9.13-39)
 CVE-2026-56378 (ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) 
contains a heap ...)
        - imagemagick 8:7.1.2.15+dfsg1-1
+       [trixie] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wgxp-q8xq-wpp9
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/436e5d2589e3c0adc10d9aa189e81d5d088d8207
 (7.1.2-14)
 CVE-2026-52911 (In the Linux kernel, the following vulnerability has been 
resolved:  k ...)
@@ -23104,10 +23110,12 @@ CVE-2026-4630 (A flaw was found in Keycloak. An 
authenticated client could explo
 CVE-2026-47784 (In memcached before 1.6.42, password data for SASL password 
database a ...)
        {DLA-4601-1}
        - memcached 1.6.42-1 (bug #1137214)
+       [trixie] - memcached <no-dsa> (Minor issue)
        NOTE: Fixed by: 
https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed
 (1.6.42)
 CVE-2026-47783 (In memcached before 1.6.42, username data for SASL password 
database a ...)
        {DLA-4601-1}
        - memcached 1.6.42-1 (bug #1137214)
+       [trixie] - memcached <no-dsa> (Minor issue)
        NOTE: Fixed by: 
https://github.com/memcached/memcached/commit/d13f282b4bce33a9c33b8a1bbf07f12114160fed
 (1.6.42)
 CVE-2026-47358 (Terrascan v1.18.3 and prior are vulnerable to Server-Side 
Request Forg ...)
        NOT-FOR-US: Terrascan



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e560e6f45782c301beaed32d30c6583b28c05c7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e560e6f45782c301beaed32d30c6583b28c05c7
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to