[Git][security-tracker-team/security-tracker][master] IM triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Mar 11 18:39:17 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5cf2967f by Moritz Muehlenhoff at 2026-03-11T19:39:03+01:00
IM triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -980,6 +980,7 @@ CVE-2026-30929 (ImageMagick is free and open-source software used for editing an
 	- imagemagick 8:7.1.2.16+dfsg1-1
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rqq8-jh93-f4vg
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/adf831c442b7dc37da04d73331aba26e388eeb9a (7.1.2-16)
+	NOTE: IM6 looks unaffected even if the advisory claims it's fixed
 CVE-2026-30927 (Admidio is an open-source user management solution. Prior to 5.0.6, in ...)
 	NOT-FOR-US: Admidio
 CVE-2026-30926 (SiYuan is a personal knowledge management system. Prior to 3.5.10, a p ...)
@@ -1008,6 +1009,7 @@ CVE-2026-30883 (ImageMagick is free and open-source software used for editing an
 	- imagemagick 8:7.1.2.16+dfsg1-1
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qmw5-2p58-xvrc
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/5897fb65d173a57729026321d5067c9ddca5c56f (7.1.2-16)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/3875619331d2c7c74a80d34665cbc06e6ed4359a (6.9.13-41)
 CVE-2026-30870 (PowerSync Service is the server-side component of the PowerSync sync e ...)
 	NOT-FOR-US: PowerSync Service
 CVE-2026-30869 (SiYuan is a personal knowledge management system. Prior to 3.5.10, a p ...)
@@ -1047,6 +1049,7 @@ CVE-2026-28689 (ImageMagick is free and open-source software used for editing an
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-493f-jh8w-qhx3
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/3eb11260cfe84fddbdcb8d2ed47f92703d1b2987 (7.1.2-14)
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/753ffb699934331b31028d4e271f2f6d6db85074 (7.1.2-16)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/6a602fb36f181a0089848344a3b0d79fc6155a2b (6.9.13-41) (jumbo security patch for multiple issues)
 CVE-2026-28688 (ImageMagick is free and open-source software used for editing and mani ...)
 	- imagemagick 8:7.1.2.16+dfsg1-1
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5cf2967f69ed92efe501c5d3113e011d251d6dde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5cf2967f69ed92efe501c5d3113e011d251d6dde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260311/fb2d097a/attachment.htm>

More information about the debian-security-tracker-commits mailing list