- last updated:
There are 2 open security issues in buster.
Please fix them.
2 important issues:
- CVE-2019-12921: In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG.
- CVE-2020-10938: GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.