|
|
Log in / Subscribe / Register

Debian alert DSA-6298-1 (imagemagick)



From:
              Moritz Muehlenhoff <jmm@debian.org>


To:
              debian-security-announce@lists.debian.org


Subject:
              [SECURITY] [DSA 6298-1] imagemagick security update


Date:
              Tue, 26 May 2026 20:34:08 +0000


Message-ID:
              <ahYDwEgUqyVymF8Q@seger.debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6298-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 26, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2026-42050 CVE-2026-42326 CVE-2026-45031 CVE-2026-45358 
                 CVE-2026-45359 CVE-2026-45624 CVE-2026-45664 CVE-2026-46520 
                 CVE-2026-46521 CVE-2026-46522 CVE-2026-46523 CVE-2026-46557 
                 CVE-2026-46559 CVE-2026-46692 CVE-2026-46693 CVE-2026-47165 
                 CVE-2026-47166

Multiple security vulnerabilities were discovered in imagemagick,
a software suite used for editing and manipulating digital images, which
could lead to denial of service, information disclosure or potentially
arbitrary code execution if malformed images are processed.

For the stable distribution (trixie), these problems have been fixed in
version 8:7.1.1.43+dfsg1-1+deb13u9.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoWA4oACgkQEMKTtsN8
Tjb5+g/+KNpTuFre59rEOeDMlWpbhZILQkTo5BgYcLsBjAcceqf1/BV8hhFX34nz
msacs0tunvMS9WM4WYvAV6RxNIyeFZOW2v8UY1ZMBV2kKJ6ZresMGycNXCIPhbRS
mvZ/gXn8OuJh3h0PttgvsaVdUhOHKbyNnJ24PiLi6pSh27fzzLb/IOqMI7SN2RMq
R0gxIL9k4GSHNerE5p3pwoLVye44rxyQx9YLWGLJyJvuCWjgly7OGxb8LUEbtgFb
bWyM3xQk11mLoB7XyNNtnysycV0SOPpaI/8un+nfBTP7dRneYpBUAo5K7ap4AWYZ
crOT4IuQ81esvZvot6+OKt3mJIpAqLNW7IwO6zGkUHUPiOt0Y8fA31tofveCORM7
sOmqb1rvJX5nRR8H9TmdByiGjkpf39RyigDuxbITDnQZ1XmtvZA5Up/6CfyNkoI9
1DzgeRgJq6vZ8Lyz/riaoSZOdn569LS5jQQ9yck2JM6nGF9zLOP36rCtwzwh1UiL
Z/DSZoWTFug8nnfEs0BJhgBuQsjVmQ3JbB5X5JzBk0Ssg/XY2gonQAvkRca8cN05
QIj+K9sO+/KfHH0JfY9tLBgDz1HuSCkDNBl51JdqTdZTX2xjFHxYq7nwi7W2wLUC
RErahDqNfmGfhUcOWh6W1o/IMm/P5vi8ZOhcqUuze3YcFVXyw7A=
=f52Q
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds