-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Apr 2026 16:06:47 +0200
Source: imagemagick
Binary: imagemagick-7-common imagemagick-7-doc libimage-magick-perl libmagick++-7-headers libmagick++-dev libmagickcore-7-headers libmagickcore-dev libmagickwand-7-headers libmagickwand-dev perlmagick
Architecture: all
Version: 8:7.1.1.43+dfsg1-1+deb13u8
Distribution: trixie-security
Urgency: high
Maintainer: all Build Daemon (x86-grnet-02)
Changed-By: Bastien Roucariès
Description:
 imagemagick-7-common - image manipulation programs -- infrastructure
 imagemagick-7-doc - document files of ImageMagick
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libmagick++-7-headers - object-oriented C++ interface to ImageMagick - header files
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-7-headers - low-level image manipulation library - header files
 libmagickcore-dev - low-level image manipulation library -- dummy package
 libmagickwand-7-headers - image manipulation library - headers files
 libmagickwand-dev - image manipulation library -- dummy package
 perlmagick - Perl interface to ImageMagick -- dummy package
Changes:
 imagemagick (8:7.1.1.43+dfsg1-1+deb13u8) trixie-security; urgency=high
 .
   * Fix CVE-2026-32636: The NewXMLTree method contains a bug that could
     result in a crash due to an out of bounds write of a single zero byte
   * Fix CVE-2026-33535: An out-of-bounds write of a zero byte exists in
     the X11 `display` interaction path that could lead to a crash.
   * Fix CVE-2026-33536: Due to an incorrect return value on certain
     platforms a pointer is incremented past the end of a buffer that is
     on the stack and that could result in an out of bounds write.
   * Fix CVE-2026-33899: When `Magick` parses an XML file it is possible
     that a single zero byte is written out of the bounds
   * Fix CVE-2026-33900: The viff encoder contains an integer
     truncation/wraparound issue on 32-bit builds that could trigger an
     out of bounds heap write, potentially causing a crash
   * Fix CVE-2026-33901: a heap buffer overflow occurs in the MVG decoder
     that could result in an out of bounds write when processing a
     crafted image.
   * Fix CVE-2026-33902: a stack overflow vulnerability in ImageMagick's
     FX expression parser allows an attacker to crash the process by
     providing a deeply nested expression.
   * Fix CVE-2026-33905: The -sample operation has an out of bounds read
     when a specific offset is set through the `sample:offset` define
     that could lead to an out of bounds read.
   * Fix CVE-2026-33908: Magick frees the memory of the XML tree via the
     `DestroyXMLTree()` function; however, this process is executed
     recursively with no depth limit imposed. When Magick processes an
     XML file with deeply nested structures, it will exhaust the stack
     memory, resulting in a Denial of Service (DoS) attack
   * Fix CVE-2026-34238: An integer overflow in the despeckle operation
     causes a heap buffer overflow on 32-bit builds that will result in
     an out of bounds write.
   * Fix CVE-2026-40169: A crafted image could result in an out of bounds
     heap write when writing a yaml or json output, resulting in a crash.
   * Fix CVE-2026-40183: The JXL encoder has a heap write overflow when a
     user specifies that the image should be encoded as 16 bit floats.
   * Fix CVE-2026-40310: A heap out-of-bounds write was found in the JP2
     encoder when a user specifies an invalid sampling index.
   * Fix CVE-2026-40311: A heap use-after-free vulnerability was found
     that can cause a crash when reading and printing values from an
     invalid XMP profile.
   * Fix CVE-2026-40312: An off by one error in the MSL decoder could
     result in a crash when a malicious MSL file is read.
Checksums-Sha1:
Checksums-Sha256:
Files:
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----