[Git][security-tracker-team/security-tracker][master] Add two new imagemagick issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 27 05:44:44 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b63e1d8 by Salvatore Bonaccorso at 2026-03-27T06:44:13+01:00
Add two new imagemagick issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -90,9 +90,15 @@ CVE-2026-33632 (ClearanceKit intercepts file-system access events on macOS and e
 CVE-2026-33631 (ClearanceKit intercepts file-system access events on macOS and enforce ...)
 	NOT-FOR-US: ClearanceKit
 CVE-2026-33536 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/ee4468a8ab0635fcaa9c561e583c56ada3b1b721 (7.1.2-18)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/3ed2120f70ee9ff0c6cac2375e5821c52c381b4c (6.9.13-43)
 CVE-2026-33535 (ImageMagick is free and open-source software used for editing and mani ...)
-	TODO: check
+	- imagemagick <unfixed>
+	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/d3af057fb9d3666762ca3731c2360f544f607f88 (7.1.2-18)
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/3bdfa6a73a6c0ba5f2d0986cd2a1892c37f796f3 (6.9.13-43)
 CVE-2026-33532 (`yaml` is a YAML parser and serialiser for JavaScript. Parsing a YAML  ...)
 	TODO: check
 CVE-2026-33531 (InvenTree is an Open Source Inventory Management System. Prior to vers ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b63e1d896bc7367cfdfc975b3a48f3d51a1d178

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b63e1d896bc7367cfdfc975b3a48f3d51a1d178
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260327/7494932a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list