[Git][security-tracker-team/security-tracker][master] CVE-2025-32460/graphicsmagick: bullseye not affected
Carlos Henrique Lima Melara (@charles)
gitlab at salsa.debian.org
Fri Apr 11 15:19:10 BST 2025
Carlos Henrique Lima Melara pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2131e59b by Carlos Henrique Lima Melara at 2025-04-11T11:19:03-03:00
CVE-2025-32460/graphicsmagick: bullseye not affected
JPEG-XL support was only introduce in version 1.3.38.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1208,6 +1208,7 @@ CVE-2023-37930 (Multiple issues including the use of uninitialized ressources [C
NOT-FOR-US: Fortinet
CVE-2025-32460 (GraphicsMagick before 8e56520 has a heap-based buffer over-read in Rea ...)
- graphicsmagick 1.4+really1.3.45+hg17696-1
+ [bullseye] - graphicsmagick <not-affected> (Vulnerable code only introduced in 1.3.38)
NOTE: https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/8e56520435df50f618a03f2721a39a70a515f1cb
CVE-2025-31672 (Improper Input Validation vulnerability in Apache POI. The issue affec ...)
- libapache-poi-java <undetermined>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2131e59bb768f70e794cd47aa300f14c2f85f192
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2131e59bb768f70e794cd47aa300f14c2f85f192
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250411/6ae2d2fb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list