[Git][security-tracker-team/security-tracker][master] libsixel fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 12 12:43:17 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4b875074 by Moritz Muehlenhoff at 2026-03-12T13:42:54+01:00
libsixel fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -78437,12 +78437,12 @@ CVE-2025-9301 (A vulnerability was determined in cmake 4.1.20250725-gb5cce23. Th
 	NOTE: Fixed by: https://gitlab.kitware.com/cmake/cmake/-/commit/37e27f71bc356d880c908040cd0cb68fa2c371b8
 	NOTE: Negligible security impact
 CVE-2025-9300 (A vulnerability was found in saitoha libsixel up to 1.10.3. Affected b ...)
-	- libsixel <unfixed> (bug #1111877)
+	- libsixel 1:1.8.7-1 (bug #1111877)
 	[trixie] - libsixel <no-dsa> (Minor issue)
 	[bookworm] - libsixel <no-dsa> (Minor issue)
 	[bullseye] - libsixel <postponed> (Minor issue)
 	NOTE: https://github.com/saitoha/libsixel/issues/200
-	NOTE: https://github.com/saitoha/libsixel/commit/316c086e79d66b62c0c4bc66229ee894e4fdb7d1
+	NOTE: https://github.com/saitoha/libsixel/commit/316c086e79d66b62c0c4bc66229ee894e4fdb7d1 (v1.8.7)
 CVE-2025-9299 (A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this  ...)
 	NOT-FOR-US: Tenda
 CVE-2025-9298 (A flaw has been found in Tenda M3 1.0.0.12. Affected is the function f ...)
@@ -375085,7 +375085,7 @@ CVE-2022-29980 (Simple Client Management System 1.0 is vulnerable to SQL Injecti
 CVE-2022-29979 (Simple Client Management System 1.0 is vulnerable to SQL Injection via ...)
 	NOT-FOR-US: Sourcecodester Simple Client Management System
 CVE-2022-29978 (There is a floating point exception error in sixel_encoder_do_resize,  ...)
-	- libsixel <unfixed> (bug #1014527)
+	- libsixel 1:1.8.7-1 (bug #1014527)
 	[trixie] - libsixel <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - libsixel <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - libsixel <no-dsa> (Minor issue)
@@ -375093,9 +375093,9 @@ CVE-2022-29978 (There is a floating point exception error in sixel_encoder_do_re
 	[stretch] - libsixel <no-dsa> (Minor issue)
 	NOTE: https://github.com/libsixel/libsixel/issues/63
 	NOTE: Previously also reported in https://github.com/saitoha/libsixel/issues/166
-	NOTE: https://github.com/saitoha/libsixel/commit/07ab2354d5b1678e7857d40f61832c9847f3f473
+	NOTE: https://github.com/saitoha/libsixel/commit/07ab2354d5b1678e7857d40f61832c9847f3f473 (v1.8.7)
 CVE-2022-29977 (There is an assertion failure error in stbi__jpeg_huff_decode, stb_ima ...)
-	- libsixel <unfixed> (bug #1014526)
+	- libsixel 1:1.8.7-1 (bug #1014526)
 	[trixie] - libsixel <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - libsixel <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - libsixel <no-dsa> (Minor issue)
@@ -375104,6 +375104,8 @@ CVE-2022-29977 (There is an assertion failure error in stbi__jpeg_huff_decode, s
 	NOTE: https://github.com/libsixel/libsixel/issues/62
 	NOTE: Previously also reported in https://github.com/saitoha/libsixel/issues/165
 	NOTE: https://github.com/saitoha/libsixel/issues/165#issuecomment-3156339204
+	NOTE: https://github.com/saitoha/libsixel/commit/d6bc4ef88015d3a4922d63b9b4655c6b5cc340cd (v1.8.7)
+	NOTE: https://github.com/saitoha/libsixel/commit/1c58a6ea708b6fa793ffb5a10798ccfea36e8eed (v1.8.7)
 CVE-2022-29976 (An Authenticated Reflected Cross-site scripting at BCC Parameter was d ...)
 	NOT-FOR-US: MDaemon
 CVE-2022-29975 (An Authenticated Reflected Cross-site scripting at CC Parameter was di ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b875074503b40c132223295f80a25ba35fa8122

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b875074503b40c132223295f80a25ba35fa8122
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260312/c3f607ab/attachment.htm>

More information about the debian-security-tracker-commits mailing list