[Git][security-tracker-team/security-tracker][master] Add thread reference for CVE-2025-27796
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 5 19:10:48 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
53718f3d by Salvatore Bonaccorso at 2025-04-05T20:10:22+02:00
Add thread reference for CVE-2025-27796
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9667,6 +9667,7 @@ CVE-2025-27816 (A vulnerability was discovered in the Arctera InfoScale 7.0 thro
CVE-2025-27796 (ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette ...)
- graphicsmagick 1.4+really1.3.45+hg17689-1 (bug #1099954)
NOTE: https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/883ebf8cae6dfa5873d975fe3476b1a188ef3f9f
+ NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/59169987/
CVE-2025-27795 (ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimens ...)
- graphicsmagick 1.4+really1.3.45+hg17689-1 (bug #1099955)
[bullseye] - graphicsmagick <not-affected> (Vulnerable code only introduced in 1.3.38)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53718f3de0f326934bc3fc46ee72a02e9e4a4fd0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53718f3de0f326934bc3fc46ee72a02e9e4a4fd0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250405/3d631ce5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list