[Pkg-gmagick-im-team] imagemagick_7.1.2.23+dfsg1-1_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Fri May 22 20:05:15 BST 2026 

Thank you for your contribution to Debian.



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 22 May 2026 16:53:26 +0200
Source: imagemagick
Architecture: source
Version: 8:7.1.2.23+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team at lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca at debian.org>
Changes:
 imagemagick (8:7.1.2.23+dfsg1-1) unstable; urgency=medium
 .
   * New upstream version
   * Fix CVE-2026-42326:
     Heap Buffer Over-Read in IPTC encoder.
   * Fix CVE-2026-45031:
     Policy Bypass in PSD decoder.
   * Fix CVE-2026-45358:
     Heap Buffer Over-Read of a single byte in meta encoder.
   * Fix CVE-2026-45359:
     Heap Buffer Over-Read in connected components when
     the user supplies an invalid keep-top define.
   * Fix CVE-2026-45624:
     Heap Buffer Over-Read of 24 bytes in distort operation.
   * Fix CVE-2026-45664:
     Policy Bypass in MNG decoder.
   * Fix CVE-2026-46520:
     Heap Buffer Over-Write in IPL decoder when reading multiple
     images of different dimensions.
   * Fix CVE-2026-46521:
     Heap Buffer Over-Write in MIFF encoder when using LZMA compression.
   * Fix CVE-2026-46522:
     Infinite Loop in the MIFF decoder can lead to CPU exhaustion.
   * Fix CVE-2026-46523:
     Use-After-Free in MSL decoder.
   * Fix CVE-2026-46557:
     Stack overflow in fx operation.
   * Fix CVE-2026-46559:
     Heap Buffer Over-Write of a single byte in the JP2 encoder.
   * Fix CVE-2026-46692:
     Heap Buffer Over-Write in distributed pixel cache server.
   * Fix CVE-2026-46693:
     A Race Condition in distributed pixel cache server
     can result in file descriptor hijacking.
   * Fix CVE-2026-47165:
     Information Disclosure in distributed pixel cache server
     because it is not using a challenge–response authentication model.
   * Fix CVE-2026-47166:
     Heap Buffer Over-Read in distributed pixel cache server.
Checksums-Sha1:
 4b4ab3f299e273f5b2f2869a3bf6ab9b41994662 5202 imagemagick_7.1.2.23+dfsg1-1.dsc
 b4911aeaccaabcb25a1ddf4a7a3a87b808dd36e8 10541736 imagemagick_7.1.2.23+dfsg1.orig.tar.xz
 914b28f1f8f2930cf7075cd3969b2bc42a0f880b 272404 imagemagick_7.1.2.23+dfsg1-1.debian.tar.xz
 0e5369be86d407cfd80c91b4701fa2fd3bc54575 8682 imagemagick_7.1.2.23+dfsg1-1_source.buildinfo
Checksums-Sha256:
 7371f44468e7eefe22dde6843f88f7e58397af74a7c4e0a085092294be060a93 5202 imagemagick_7.1.2.23+dfsg1-1.dsc
 7a1d744858b1bb409183e867700303e635f4ed7617599ca8f056943d184c75c4 10541736 imagemagick_7.1.2.23+dfsg1.orig.tar.xz
 3c7bd8c6067a57d8669af8b3e82f453ca14375c84aeead5e11d9de0504f92f33 272404 imagemagick_7.1.2.23+dfsg1-1.debian.tar.xz
 73b58a14b5831e2f76b8d67c17f181a7709ddd938309f53b301f5039951ff6f9 8682 imagemagick_7.1.2.23+dfsg1-1_source.buildinfo
Files:
 2ff3edd1981de7e0dbaa4bbf94a3a41e 5202 graphics optional imagemagick_7.1.2.23+dfsg1-1.dsc
 2abb9272ee3f4b57fbd64e50b22ba44c 10541736 graphics optional imagemagick_7.1.2.23+dfsg1.orig.tar.xz
 24a6147a63a9b8db1226f309a1e6f14f 272404 graphics optional imagemagick_7.1.2.23+dfsg1-1.debian.tar.xz
 121e4d9009e8fd7362a21941797c49c5 8682 graphics optional imagemagick_7.1.2.23+dfsg1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

wsG7BAEBCgBvBYJqEKZvCRAAOhotqkEIX0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmePnG11jOY/rVoo6GkWMYAE7kfIkgvky69W0JG83Zyh
4BYhBF0Bh7lAokW617D1agA6Gi2qQQhfAAC6hg//dcyZs7K5f41RnVmBt392e8kw
20UAKmhHMEViAdeAaBvHdLT4x+9jf2fYPBrewDJsVzGJr8zPD9zbavKVYwwUSC2T
IZu5U+H688rplRdDZfo+7Hb0AVUm09KIw60shj/7K8/Y2DMNBb5xJzU6Rgk9GKZF
nLFPEvWn2OnDzrX7t+AN157p4potA+Ujp454i1ZUqgOmsmi34LuKtB2k3VtK4xKC
u7z6XrE7ppNMHI0q8C8kXxOfLcn6uIKY8DNgho/mZf33+o/EzIoJXwXnQ3AEX3s9
3IlqMtVf4CfI56vcv/Oh94XR9XGfmyrZyrPGxSh9D1dUt6s1PVnXJ+gFFk7Dhgjm
SMCm0ROYX/r5EjgDGXln8g3+2DzwPHicWHppDoJeHn1lpSTVi+luDTR+nPn7CFK/
gJPagOKjKSVThDci7RiKms2w9W+TZawj22veDPh57VPPfvsYh9agWLw3lC4qQVjn
HoV9GGQ8ee917wECbAyyiBMIWQNpbSNm+E5Qjh1fW6NO5gPvGmzuvQhldQ1xpW+j
eYjHRioJOg0tHDPNqRfZwxGuCjK+Ik025X+PBc+ayBdifhix32C49QEEhJlGCxAr
HU/tZb/U4JhzDocY8BVF/HrZqHiIvlwuN2BFNrKDoFsyfRJMZpUNuO6kd4ZYhJGf
K6/LLvD5RrYSG4yLu08=
=WCwb
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gmagick-im-team/attachments/20260522/20f8a8bb/attachment.sig>

More information about the Pkg-gmagick-im-team mailing list