[Pkg-gmagick-im-team] imagemagick_6.9.11.60+dfsg-1.6+deb12u8_source.changes ACCEPTED into oldstable-proposed-updates->oldstable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Tue Apr 14 21:41:36 BST 2026


Thank you for your contribution to Debian.

Mapping oldstable-security to oldstable-proposed-updates.

Accepted:

Format: 1.8
Date: Sun, 12 Apr 2026 21:57:53 +0200
Source: imagemagick
Architecture: source
Version: 8:6.9.11.60+dfsg-1.6+deb12u8
Distribution: bookworm-security
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team at lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca at debian.org>
Changes:
 imagemagick (8:6.9.11.60+dfsg-1.6+deb12u8) bookworm-security; urgency=high
 .
   * Fix a regression for CVE-2026-25796
   * Fix CVE-2026-25985:
     A crafted SVG file containing a malicious element causes ImageMagick
     to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort.
   * Fix CVE-2026-26284:
     ImageMagick lacks proper boundary checking when processing Huffman-coded
     data from PCD (Photo CD) files. The decoder contains a function that
     has an incorrect initialization that could cause an out-of-bounds read.
   * Fix CVE-2026-26983:
     The MSL interpreter crashes when processing an invalid `<map>`
     element that causes it to use an image after it has been freed.
   * Fix CVE-2026-28494:
     A stack buffer overflow exists in ImageMagick's morphology kernel
     parsing functions. User-controlled kernel strings exceeding a buffer
     are copied into fixed-size stack buffers via memcpy without bounds
     checking, resulting in stack corruption.
   * Fix CVE-2026-28686:
     A heap-buffer-overflow vulnerability exists in the PCL encoder due to
     an undersized output buffer allocation.
   * Fix CVE-2026-28687:
     A heap use-after-free vulnerability in ImageMagick's MSL decoder
     allows an attacker to trigger access to freed memory by crafting
     an MSL file.
   * Fix CVE-2026-28688:
     A heap-use-after-free vulnerability exists in the MSL encoder,
     where a cloned image is destroyed twice. The MSL coder does not
     support writing MSL, so the write capability has been removed.
   * Fix CVE-2026-28689:
     domain="path" authorization is checked before the final file open/use.
     A symlink swap between check-time and use-time bypasses
     policy-denied read/write.
   * Fix CVE-2026-28690:
     A stack buffer overflow vulnerability exists in the MNG encoder.
     A bounds check is missing, which could corrupt the stack
     with attacker-controlled data.
   * Fix CVE-2026-28691:
     An uninitialized pointer dereference vulnerability exists
     in the JBIG decoder due to a missing check.
   * Fix CVE-2026-28692:
     MAT decoder uses 32-bit arithmetic due to incorrect parenthesization
     resulting in a heap over-read.
   * Fix CVE-2026-28693:
     An integer overflow in DIB coder can result in out of bounds
     read or write.
   * Fix CVE-2026-30883:
     An extremely large image profile could result in a heap overflow
     when encoding a PNG image.
   * Fix CVE-2026-30936:
     A crafted image could cause an out of bounds heap write inside the
     WaveletDenoiseImage method. When processing a crafted image with the
     -wavelet-denoise operation an out of bounds write can occur.
   * Fix CVE-2026-30937:
     A 32-bit unsigned integer overflow in the XWD (X Windows) encoder
     can cause an undersized heap buffer allocation. When writing
     an extremely large image, an out-of-bounds heap write can occur.
   * Fix CVE-2026-31853:
     An overflow on 32-bit systems can cause a crash in the SFW decoder
     when processing extremely large images.
   * Fix CVE-2026-32259:
     When a memory allocation fails in the sixel encoder it would be
     possible to write past the end of a buffer on the stack.
   * Fix CVE-2026-32636:
     The NewXMLTree method contains a bug that could result
     in a crash due to an out-of-bounds write of a single zero byte.
   * Fix CVE-2026-33535:
     An out-of-bounds write of a zero byte exists in the X11 `display`
     interaction path that could lead to a crash.
   * Fix CVE-2026-33536:
     Due to an incorrect return value on certain platforms, a pointer is
     incremented past the end of a buffer that is on the stack, and
     that could result in an out-of-bounds write.
Checksums-Sha1:
Checksums-Sha256:
Files:

