-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 02 Jul 2026 22:08:14 +0200 Source: imagemagick Architecture: source Version: 8:7.1.1.43+dfsg1-1+deb13u11 Distribution: trixie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Changes: imagemagick (8:7.1.1.43+dfsg1-1+deb13u11) trixie-security; urgency=medium . * Fix CVE-2026-53466: An integer overflow in the XCF decoder can result in an out of bounds read when a crafted image is read, potentially resulting in a crash. * Fix CVE-2026-53467: The MNG decoder contains a possible heap information disclosure vulnerability because part of the pixels are left unchanged. * Backport MagickCore/draw.c from 7.1.2-26 * Fix CVE-2026-55577: A heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. * Fix CVE-2026-55594: A missing depth check in the MVG decoder will result in a stack overflow when a crafted image is provided. * Fix CVE-2026-55597: An incorrect handling of arguments can cause a heap buffer over-write in the JP2 encoder * Fix CVE-2026-55628: The `-concatenate` operation is missing policy checks, potentially resulting in both reading and writing to paths disallowed by the security policy. * Fix CVE-2026-56361: Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing single pixel memory access violations. * Fix CVE-2026-56363: An attacker can supply a large binomial kernel value causing integer overflow, resulting in division by zero and application crash. * Fix CVE-2026-56364: A memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access to the OpenCL cache directory can place malicious XML files to exhaust memory and cause denial of service. * Fix CVE-2026-56365: A memory leak vulnerability in the PNG encoder when writing MNG images. * Fix CVE-2026-56367: An integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) that causes a heap out-of-bounds read on 32-bit builds. * Fix CVE-2026-56368: A memory leak vulnerability in multiple coders that write raw pixel data where allocated objects are not properly freed. Attackers can trigger this leak by processing specially crafted images, causing memory exhaustion and denial of service. * Fix CVE-2026-56370: ImageMagick contains an out-of-bounds access vulnerability in ConnectedComponentsImage() when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of service or potential code execution. * Fix CVE-2026-56371; A memory leak in coders/txt.c when processing TXT files with texture attributes: the texture object allocated via ReadImage is not released when GetTypeMetrics fails, leaking memory each time a crafted TXT file with a texture attribute is processed. * Fix CVE-2026-56376: A heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it by processing specially crafted image files, causing a denial of service. * Fix CVE-2026-56377: ImageMagick contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. * Fix CVE-2026-56378: ImageMagick contains a heap out-of-bounds read in the PCD coder's DecodeImage loop. A crafted PCD file can trigger a one-byte heap out-of-bounds read during image decoding, resulting in denial of service and potential disclosure of an adjacent heap byte. Checksums-Sha1: f390b6441b8b4baa73202d5f80660da3b9fd7419 5165 imagemagick_7.1.1.43+dfsg1-1+deb13u11.dsc 103af0af388a733c043845b228cf3031c16d859b 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz 6f417a41f7f20ec7063620a9d172245fd3867e7d 360084 imagemagick_7.1.1.43+dfsg1-1+deb13u11.debian.tar.xz 198e89146e9658d7ab4da06c19275a14bd57965b 8551 imagemagick_7.1.1.43+dfsg1-1+deb13u11_source.buildinfo Checksums-Sha256: 66108f89a7dd1b650bfc4358841a31be0038559aadaad8f3fb3faa8c238899fe 5165 imagemagick_7.1.1.43+dfsg1-1+deb13u11.dsc bcb4f3c78a930a608fa4889f889edbcb384974246ad9407fce1858f2c0607bfe 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz f29aebfd4c6d734e708df683d0bdabf2ccab181f52ac932cf7ec5d94dcf1473b 360084 imagemagick_7.1.1.43+dfsg1-1+deb13u11.debian.tar.xz c5cf896a1868631d4847b7573106b2b3d3f696671a4e215aa1e1762b47ffea10 8551 imagemagick_7.1.1.43+dfsg1-1+deb13u11_source.buildinfo Files: a4930c68b50c701e02b7b33cc6658ae4 5165 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u11.dsc 01cfb13a7c1813afb50790e431358c6c 10501740 graphics optional imagemagick_7.1.1.43+dfsg1.orig.tar.xz 2637ef7d7f0caf88d148dd861793c1e1 360084 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u11.debian.tar.xz f18d58dccbd691c5fdc8482751d411b0 8551 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u11_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmpLyGUACgkQADoaLapB CF/fIRAAqzbRoO3PMhhhjD/LknwAQS1JewnoSv964Sl2Wh1wvJTNftsKyxMccw7d 5ZSAqRg8bqEokT+17j55wjToEd75i9Fst4pNyqclsGIA8VaPINBG+Vm7K5XgGB05 vxeR/ayKz+c6LzMNeRqryRyM6gEVDJWKBcmYZ9GeGK16wM85D+6dAgNiPO8IcDDC ZL40qW6cWmqooQoPXtyzQRbdkggUSWJf1rT8GKcdbx6sf7ATyyoQ+i0q4TBzKqL0 rgLqSHQvRG7zN12xh+aSojHfsJ68V2QnUl4HO/77vtmP+i+zM+u4PYk0RK5k4z7x mVkmL2U/B/WFTV955rKK7wPr1bF3akT1gRDAh14MReScYbsW/awqPfp+i6XNzY2w 7s3tYyD2G9BOFajatG5bCHA3qEDh/XI837Ruy7x9CeVEn9T7bpSEaUAdlcjxj9nP O0QK7wE9LlNrOX/0KxWhgYRt+C9yG+UT0RNSlzQVtq1/1yOFV3jhNG/NXBgR7aTo ZRclnn11OLC+vHlK0QrrlBFmYL8/WITaO+BOJNoznl5PONjpuMU7xzTJZR5E7Zep JbmyRGA3CuFGUsZz+lqw+MKIhhIJUk0tpQXrPNG+igVnm0pDI45O7MQDD95ezFp6 FR9sVKkuSYKvbcWwRpwM43lbK147bN43l6iIVNDc7cXUTTQtr6c= =3W3S -----END PGP SIGNATURE-----