Groups | Search | Server Info | Login | Register

Groups > linux.debian.announce.security > #4807

[SECURITY] [DSA 6240-1] imagemagick security update

From Moritz Muehlenhoff <jmm@debian.org>
Newsgroups linux.debian.announce.security
Subject [SECURITY] [DSA 6240-1] imagemagick security update
Date 2026-05-01 17:40 +0200
Message-ID <MPY8a-1NMg-3@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6240-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 01, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2026-32636 CVE-2026-33535 CVE-2026-33536 CVE-2026-33899 
                 CVE-2026-33900 CVE-2026-33901 CVE-2026-33902 CVE-2026-33905 
                 CVE-2026-33908 CVE-2026-34238 CVE-2026-40169 CVE-2026-40183 
                 CVE-2026-40310 CVE-2026-40311 CVE-2026-40312

Multiple security vulnerabilities were discovered in imagemagick, a
software suite used for editing and manipulating digital images, which
could lead to denial of service, information disclosure or potentially
arbitrary code execution if malformed images are processed.

For the stable distribution (trixie), these problems have been fixed in
version 8:7.1.1.43+dfsg1-1+deb13u8.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmn0xHQACgkQEMKTtsN8
TjZBYhAAqV8IhMdxjjh/rxVaIBdh1keDyDZjAx8D+x3BaRsVnUFYkh49AK7SPrFS
RxEGXPM2gVQmzzQy1wjN3HisqrlOHlwBffAuvA0i9q6BOddCVYS3/6n0eHIbeWg/
8UxbvzOKxfW5gyuxudd/WsK9sjnHDlttNdHu6PUlU3WuUqyISOkviDrIU4Wi0iU7
soVcEYq7P0gJDXglvpaWBEfdohxsLmHgL+A35PKN9R6ItuaGTKWXE6usFx6IW3zA
S5KrQiGmxoeKYlqHrMNpq65WJAPkeV++JYwpRlfX4dMH/z7fxRSbTXSurOx82mma
PD7CetBvwUOhDcqgFJUK53pkP2ooVJWjw/1yHMVLy4YWpxzPo+h44Nn3SdKW60xK
H6NHrsfhr3KtidKTjANqR+3kS0rsf8yN1N4QPe9OueNcdHWCjLw+P6etc34YJwr7
XvW7Z9zu9XWgV8beZFO4JcMBaULB9r4eksPtBKXdGMRujhhciZtNuBRxJaXa/GlR
ZBaQa29GuhdeyN/k0rS9G5ICUgNyKStXdqJBQlMkrIJXKr7HYpW0j9z7SKCSQ+oX
aBbBPVExUvdeikma6h1ZwqoQ4Svmb7zM5SfHuzaPYTnRBH7wtgW6G0qr/ijcDWND
1MBCfBH4qU8AECqXk+RAt+SBPokIbu9LTw8G0EU8c0dp0C6mHgA=
=J+FD
-----END PGP SIGNATURE-----

Back to linux.debian.announce.security | Previous | Next | Find similar

Thread

[SECURITY] [DSA 6240-1] imagemagick security update Moritz Muehlenhoff <jmm@debian.org> - 2026-05-01 17:40 +0200

csiph-web