Debian 10984 Published by

Debian issued advisories DSA-6383-1 and DSA-6382-1 to patch security flaws in ImageMagick and Postfix for the trixie stable release. The ImageMagick update fixes sixteen vulnerabilities that could trigger denial of service attacks, expose private data, or allow attackers to run unauthorized code through malicious image files.

[DSA 6383-1] imagemagick security update
[DSA 6382-1] postfix security update




[SECURITY] [DSA 6383-1] imagemagick security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6383-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 07, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : imagemagick
CVE ID : CVE-2026-53466 CVE-2026-53467 CVE-2026-55577 CVE-2026-55594
CVE-2026-55597 CVE-2026-55628 CVE-2026-56361 CVE-2026-56363
CVE-2026-56364 CVE-2026-56365 CVE-2026-56367 CVE-2026-56368
CVE-2026-56370 CVE-2026-56371 CVE-2026-56376 CVE-2026-56377
CVE-2026-56378

Multiple security vulnerabilities were discovered in imagemagick, a
software suite used for editing and manipulating digital images, which
could lead to denial of service, information disclosure or potentially
arbitrary code execution if malformed images are processed.

For the stable distribution (trixie), these problems have been fixed in
version 8:7.1.1.43+dfsg1-1+deb13u11.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[SECURITY] [DSA 6382-1] postfix security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-6382-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 07, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : postfix
CVE ID : not yet available

Multiple security vulnerabilities were discovered in the Postfix mail
transport agent, which could result in denial of service.

For the stable distribution (trixie), this problem has been fixed in
version 3.10.12-0+deb13u2.

We recommend that you upgrade your postfix packages.

For the detailed security status of postfix please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/postfix

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/