imagemagick: bullseye postponed

Sylvain Beucler (@beuc) Sat, 19 Jul 2025 02:27:24 -0700


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4f5b4fbc by Sylvain Beucler at 2025-07-19T11:27:01+02:00
CVE-2025-53014,CVE-2025-53019,CVE-2025-53101/imagemagick: bullseye postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1346,11 +1346,13 @@ CVE-2025-53623 (The Job Iteration API is an an 
extension for ActiveJob that make
 CVE-2025-53101 (ImageMagick is free and open-source software used for editing 
and mani ...)
        - imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
        [trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+       [bullseye] - imagemagick <postponed> (Minor issue; OOB write through 
CLI parameters)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774
 (7.1.2-0)
 CVE-2025-53019 (ImageMagick is free and open-source software used for editing 
and mani ...)
        - imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
        [trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+       [bullseye] - imagemagick <postponed> (Minor issue; memory leak)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c
 (7.1.2-0)
 CVE-2025-53015 (ImageMagick is free and open-source software used for editing 
and mani ...)
@@ -1365,6 +1367,7 @@ CVE-2025-53015 (ImageMagick is free and open-source 
software used for editing an
 CVE-2025-53014 (ImageMagick is free and open-source software used for editing 
and mani ...)
        - imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
        [trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+       [bullseye] - imagemagick <postponed> (Minor issue; OOB read in CLI)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hm4x-r5hc-794f
        NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03
 (7.1.2-0)
 CVE-2025-52363 (Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root 
password h ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f5b4fbcb2c6d21d80586b79e60f007299a31782

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f5b4fbcb2c6d21d80586b79e60f007299a31782
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] CVE-2025-53014,CVE-2025-53019,CVE-2025-53101/imagemagick: bullseye postponed

Reply via email to