Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
01cb2476 by Salvatore Bonaccorso at 2026-07-10T21:39:45+02:00
Add two new imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -124,9 +124,15 @@ CVE-2026-56665 (ZITADEL is an open source identity 
management platform. Prior to
 CVE-2026-56664 (ZITADEL is an open source identity management platform. Prior 
to 3.4.1 ...)
        NOT-FOR-US: Zitadel
 CVE-2026-56373 (ImageMagick before 7.1.2-15 contains a use-after-free 
vulnerability in ...)
-       TODO: check
+       - imagemagick 8:7.1.2.15+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3j4x-rwrx-xxj9
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/168ffe18def968f886c023146a478897866fd621
 (7.1.2-14)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/06a0867c1f5076b85577b6b1cf87af901f6d6a84
 (6.9.13-39)
 CVE-2026-56366 (ImageMagick before 7.1.2-18 contains a memory leak 
vulnerability in th ...)
-       TODO: check
+       - imagemagick 8:7.1.2.18+dfsg1-1
+       NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9r56-3gjq-hqf7
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick/commit/bee248ee853a686a969fae9cfb1e02dd5aae245b
 (7.1.2-18)
+       NOTE: Fixed by: 
https://github.com/ImageMagick/ImageMagick6/commit/1adc49fac3041620abe11fcb06524d33d9dbd035
 (6.9.13-43)
 CVE-2026-56354 (n8n before 1.123.24, 2.10.4, and 2.12.0 (across its 1.x and 
2.x branch ...)
        NOT-FOR-US: n8n
 CVE-2026-56335 (Capgo before 12.128.2 contains an authorization bypass 
vulnerability w ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01cb2476dd2f4577496a654b2778879b5e26a296

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01cb2476dd2f4577496a654b2778879b5e26a296
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to