[Git][security-tracker-team/security-tracker][master] Add two new iamgemagick issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 23 21:28:12 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fe491eb1 by Salvatore Bonaccorso at 2025-04-23T22:28:01+02:00
Add two new iamgemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,8 @@ CVE-2025-46394 (In tar in BusyBox through 1.37.0, a TAR archive can have filenam
 	NOTE: https://bugs.busybox.net/show_bug.cgi?id=16018
 	NOTE: https://www.openwall.com/lists/oss-security/2025/04/23/1
 CVE-2025-46393 (In multispectral MIFF image processing in ImageMagick before 7.1.1-44, ...)
-	TODO: check
+	- imagemagick 8:7.1.1.46+dfsg1-1
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/81ac8a0d2eb21739842ed18c48c7646b7eef65b8 (7.1.1-44)
 CVE-2025-45429 (In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there i ...)
 	NOT-FOR-US: Tenda
 CVE-2025-45428 (In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime par ...)
@@ -11,7 +12,8 @@ CVE-2025-45428 (In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTi
 CVE-2025-45427 (In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security param ...)
 	NOT-FOR-US: Tenda
 CVE-2025-43965 (In MIFF image processing in ImageMagick before 7.1.1-44, image depth i ...)
-	TODO: check
+	- imagemagick 8:7.1.1.46+dfsg1-1
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9 (7.1.1-44)
 CVE-2025-43716 (A directory traversal vulnerability exists in Ivanti LANDesk Managemen ...)
 	TODO: check
 CVE-2025-42605 (This vulnerability exists in Meon Bidding Solutions due to improper au ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe491eb12017ea461605e433d191daf4baffffa6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe491eb12017ea461605e433d191daf4baffffa6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250423/ba8656ba/attachment.htm>

More information about the debian-security-tracker-commits mailing list