[Git][security-tracker-team/security-tracker][master] CVE-2026-46557/imagemagick

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d5ede49 by Bastien Roucariès at 2026-05-24T17:58:44+02:00
CVE-2026-46557/imagemagick

Accroding to upstream im6 not affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -918,9 +918,11 @@ CVE-2026-46559
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/7d68aec1d02aaaeb513a1778e9702fa0d9ba9dcd (6.9.13-48)
 CVE-2026-46557
 	- imagemagick 8:7.1.2.23+dfsg1-1
+	[bookworm] - imagemagick <not-affected> (vulnerable code introduced later)
+	[bullseye] - imagemagick <not-affected> (vulnerable code introduced later)
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rcr6-g7jc-f57g
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/06fb1aa7589f4eec363b33c2bbda5986a92bb259 (7.1.2-23)
-	NOTE: Fix for IM6 seems missing
+	NOTE: Imagemagick6 not affected see https://github.com/ImageMagick/ImageMagick6/issues/430
 CVE-2026-47166
 	- imagemagick 8:7.1.2.23+dfsg1-1
 	NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6gxq-f64p-5w6f



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d5ede491c22f6c1c115be0e4db6741cc7a7c1b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d5ede491c22f6c1c115be0e4db6741cc7a7c1b3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260524/b8deae84/attachment.htm>