-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Apr 2026 16:06:47 +0200
Source: imagemagick
Architecture: source
Version: 8:7.1.1.43+dfsg1-1+deb13u8
Distribution: trixie-security
Urgency: high
Maintainer: ImageMagick Packaging Team
Changed-By: Bastien Roucariès
Changes:
 imagemagick (8:7.1.1.43+dfsg1-1+deb13u8) trixie-security; urgency=high
 .
   * Fix CVE-2026-32636: The NewXMLTree method contains a bug that could
     result in a crash due to an out-of-bounds write of a single zero byte.
   * Fix CVE-2026-33535: An out-of-bounds write of a zero byte exists in the
     X11 `display` interaction path that could lead to a crash.
   * Fix CVE-2026-33536: Due to an incorrect return value on certain
     platforms, a pointer is incremented past the end of a buffer that is on
     the stack, and that could result in an out-of-bounds write.
   * Fix CVE-2026-33899: When `Magick` parses an XML file, it is possible
     that a single zero byte is written out of bounds.
   * Fix CVE-2026-33900: The viff encoder contains an integer
     truncation/wraparound issue on 32-bit builds that could trigger an
     out-of-bounds heap write, potentially causing a crash.
   * Fix CVE-2026-33901: A heap buffer overflow occurs in the MVG decoder
     that could result in an out-of-bounds write when processing a crafted
     image.
   * Fix CVE-2026-33902: A stack overflow vulnerability in ImageMagick's FX
     expression parser allows an attacker to crash the process by providing
     a deeply nested expression.
   * Fix CVE-2026-33905: The -sample operation has an out-of-bounds read
     when a specific offset is set through the `sample:offset` define that
     could lead to an out-of-bounds read.
   * Fix CVE-2026-33908: Magick frees the memory of the XML tree via the
     `DestroyXMLTree()` function; however, this process is executed
     recursively with no depth limit imposed. When Magick processes an XML
     file with deeply nested structures, it will exhaust the stack memory,
     resulting in a Denial of Service (DoS) attack.
   * Fix CVE-2026-34238: An integer overflow in the despeckle operation
     causes a heap buffer overflow on 32-bit builds that will result in an
     out-of-bounds write.
   * Fix CVE-2026-40169: A crafted image could result in an out-of-bounds
     heap write when writing a yaml or json output, resulting in a crash.
   * Fix CVE-2026-40183: The JXL encoder has a heap write overflow when a
     user specifies that the image should be encoded as 16 bit floats.
   * Fix CVE-2026-40310: A heap out-of-bounds write was found in the JP2
     encoder when a user specifies an invalid sampling index.
   * Fix CVE-2026-40311: A heap use-after-free vulnerability was found that
     can cause a crash when reading and printing values from an invalid XMP
     profile.
   * Fix CVE-2026-40312: An off-by-one error in the MSL decoder could result
     in a crash when a malicious MSL file is read.
Checksums-Sha1:
 63844ff63da29257118dba781ea5738be4b845a9 5136 imagemagick_7.1.1.43+dfsg1-1+deb13u8.dsc
 103af0af388a733c043845b228cf3031c16d859b 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 de1e347be143bb22470e50be70faf6b8155cc525 335096 imagemagick_7.1.1.43+dfsg1-1+deb13u8.debian.tar.xz
 464ca1ae1d721effd397350cdddb25e8e4b414ac 8506 imagemagick_7.1.1.43+dfsg1-1+deb13u8_source.buildinfo
Checksums-Sha256:
 78093fc2c18a42764bfe4305540320b511a1a20990a9ca9353a56aac9cc6f463 5136 imagemagick_7.1.1.43+dfsg1-1+deb13u8.dsc
 bcb4f3c78a930a608fa4889f889edbcb384974246ad9407fce1858f2c0607bfe 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 e3ab896e0d5c12fb38ad0d0d330456ed31b7d722ac40f6dbbe8115bc8f7fcbba 335096 imagemagick_7.1.1.43+dfsg1-1+deb13u8.debian.tar.xz
 7d3359adc990d18b2c81996c7fceb5adcdca0a143e6d2aa132a26a99f90ed059 8506 imagemagick_7.1.1.43+dfsg1-1+deb13u8_source.buildinfo
Files:
 1be3d9a88049d1534c72974dd398a854 5136 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u8.dsc
 01cfb13a7c1813afb50790e431358c6c 10501740 graphics optional imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 597a82e18c8e5afe8f8769bd9a5ad69d 335096 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u8.debian.tar.xz
 47943840c150b548d71bd7b04d5f80a7 8506 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u8_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmnw2UcACgkQADoaLapB
CF+eZQ/+JV+VUJdzDOMOpR1StKZ5Q4FJNrszoj9fIcUVhzac3UMJFA60mD/aL+1N
v30vptQMt8wy+QeKRRPvBezRWp+7MeBIaBJwLbWqzdIYuiiPQr9o2mX++TXsCOwi
yV6G7M8QLrFPH3UE6apaKAQesNsSCm6RC5aZSW9GrlSOlz4lxPbnMpUV2Uzy2Xqs
ox5Z4mZ4fUYkyh7bmI0qQAtFhqHxttEOswsxGTSYkjRWldxtPU5RxClZEaaBADSX
Oxr1vo9sDC4OOXLmLU0rqzLzF5COu2nk6Q4CYmmtxT2hlnPA6RtJEFpR865WA0Jl
ONBSS5+BCPGkwkbgi+3M8fPBsTCsNI/PEtReyvasU5D4CjJ5KwrfBItt0eTfzEvW
B3pqVD2qzZ2EtM9+K95UDjfsKdjBnOjD2kH03h4w0Vl21uPk4k3AAJybWPZ2TSZe
YXx5UYDPhcgGEc8+v6ZZx/OneqdwgXy633kWgL+7FJ29IAYoBCfTLaQrAvWVYRm6
COPtjV2w3qrpM4ZWEAmWUcJ3XJ2V54pCir24Rze96NHkbMQHSKue37LPzbVeNIjU
efry+6oEgb4QiwxDGWmusGuf1kzwWD795D/eof8yR8L/T2xz6u2B1+2QHky328Pp
NeWRIkujRT7wHlof0GUbmtCq7YxOXftzCQFmZzPl5fLE9B8vVm8=
=AmNy
-----END PGP SIGNATURE-----