[Git][security-tracker-team/security-tracker][master] Process some more imagemagick issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Feb 24 14:24:53 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
82f77cb0 by Salvatore Bonaccorso at 2026-02-24T15:22:28+01:00
Process some more imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -102,11 +102,20 @@ CVE-2026-26024 (free5GC SMF provides Session Management Function for free5GC, an
 CVE-2026-25989 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2026-25988 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2 (7.1.2-14)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/d2e99064d65f5955f39d92e4b208089409118683 (6.9.13-39)
 CVE-2026-25987 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-42p5-62qq-mmh7
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/bbae0215e1b76830509fd20e6d37c0dd7e3e4c3a (7.1.2-14)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/a842cd896a19744b5577b6113990faaae14569b0 (6.9.13-39)
 CVE-2026-25986 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mqfc-82jx-3mr2
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/b9c80ad3ca802b6883da25f153c4fdf72c017eba (7.1.2-14)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/99340686966580c06a1599e247dc41fb59a430c8 (6.9.13-39)
 CVE-2026-25985 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2026-25984
@@ -135,13 +144,21 @@ CVE-2026-25969 (ImageMagick is free and open-source software used for editing an
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xgm3-v4r9-wfgm
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/a253d1b124ebdcc2832daac6f9a35c362635b40e (7.1.2-14)
 CVE-2026-25968 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/56f02958890b820cf2d0a6ecb04eb6f58ea75628 (7.1.2-14)
 CVE-2026-25967 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-72hf-fj62-w6j4
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/9afe96cc325da1e4349fbd7418675af2f8708c10 (7.1.2-14)
 CVE-2026-25966 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xwc6-v6g8-pw2h
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/8d4c67a90ae458fb36393a05c0069e9123ac174c (7.1.2-14)
 CVE-2026-25965 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8jvj-p28h-9gm7
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/4a9dc1075dcad3ab0579e1b37dbe854c882699a5 (7.1.2-14)
 CVE-2026-25898 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2026-25897 (ImageMagick is free and open-source software used for editing and mani ...)
@@ -149,9 +166,15 @@ CVE-2026-25897 (ImageMagick is free and open-source software used for editing an
 CVE-2026-25802 (New API is a large language mode (LLM) gateway and artificial intellig ...)
 	TODO: check
 CVE-2026-25799 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-543g-8grm-9cw6
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/412f3c8bc1d3b6890aad72376cd992c9b5177037 (7.1.2-14)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/44c687dee38eb1a8053facb4a33dfa1e255875ea (6.9.13-39)
 CVE-2026-25798 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/16dd3158ce197c6f65e7798a7a5cc4538bb0303e (7.1.2-14)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/93a38e3a7bfb7a492409275321eca94df7cd03a7 (6.9.13-39)
 CVE-2026-25797 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2026-25796 (ImageMagick is free and open-source software used for editing and mani ...)
@@ -165,7 +188,9 @@ CVE-2026-25649 (Versions of the Traccar open-source GPS tracking system up to an
 CVE-2026-25648 (Versions of the Traccar open-source GPS tracking system starting with  ...)
 	TODO: check
 CVE-2026-25638 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gxcx-qjqp-8vjw
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/1e88fca11c7b8517100d518bc99bd8c474f02f88 (7.1.2-14)
 CVE-2026-25637 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2026-25591 (New API is a large language mode (LLM) gateway and artificial intellig ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82f77cb09da4ed93205d21be1838ba8aca615170

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82f77cb09da4ed93205d21be1838ba8aca615170
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260224/64729ccb/attachment.htm>

More information about the debian-security-tracker-commits mailing list