Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3cfa906e by Salvatore Bonaccorso at 2025-07-20T15:42:21+02:00
Mark imagemagick issues as no-dsa for bookworm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1481,12 +1481,14 @@ CVE-2025-53623 (The Job Iteration API is an an
extension for ActiveJob that make
CVE-2025-53101 (ImageMagick is free and open-source software used for editing
and mani ...)
- imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
[trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
[bullseye] - imagemagick <postponed> (Minor issue; OOB write through
CLI parameters)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774
(7.1.2-0)
CVE-2025-53019 (ImageMagick is free and open-source software used for editing
and mani ...)
- imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
[trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
[bullseye] - imagemagick <postponed> (Minor issue; memory leak)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c
(7.1.2-0)
@@ -1502,6 +1504,7 @@ CVE-2025-53015 (ImageMagick is free and open-source
software used for editing an
CVE-2025-53014 (ImageMagick is free and open-source software used for editing
and mani ...)
- imagemagick 8:7.1.1.47+dfsg1-2 (bug #1109339)
[trixie] - imagemagick 8:7.1.1.43+dfsg1-1+deb13u1
+ [bookworm] - imagemagick <no-dsa> (Minor issue)
[bullseye] - imagemagick <postponed> (Minor issue; OOB read in CLI)
NOTE:
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hm4x-r5hc-794f
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03
(7.1.2-0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cfa906e1b61ac532b3fa9a481da5e24bb32e7c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cfa906e1b61ac532b3fa9a481da5e24bb32e7c7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
