Groups | Search | Server Info | Login | Register

Groups > linux.debian.announce.security > #4813

[SECURITY] [DSA 6245-1] imagemagick security update

From Moritz Muehlenhoff <jmm@debian.org>
Newsgroups linux.debian.announce.security
Subject [SECURITY] [DSA 6245-1] imagemagick security update
Date 2026-05-03 17:10 +0200
Message-ID <MQGCe-2jap-21@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6245-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 03, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2026-25971 CVE-2026-33899 CVE-2026-33900 CVE-2026-33901 
                 CVE-2026-33905 CVE-2026-33908 CVE-2026-34238 CVE-2026-40310 
                 CVE-2026-40311

Multiple security vulnerabilities were discovered in imagemagick, a
software suite used for editing and manipulating digital images, which
could lead to denial of service, information disclosure or potentially
arbitrary code execution if malformed images are processed.

For the oldstable distribution (bookworm), these problems have been fixed
in version 8:6.9.11.60+dfsg-1.6+deb12u9.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmn3YO8ACgkQEMKTtsN8
TjaM5RAAuZOn+hRQo4pBBTLEnfu5WuIATOh8xy8hNRgfS76LoQMQNh8VetMEO26u
muoumhjcfXj1nTlbvO8L9laF7xlTpatW1CDRYtaiJFwLODNl45qACn43AJ0R4YF8
v4Eem7XSX8ic+ZvGE+taPp0Jr8zscWyL7KrvSOlRiCKuQ4MrGqvFhA/UU0IIPELM
+dinoGCv9njMCOEWP+GOpAMzkr4OHkF8HYr0pGrLxiBR7w7oryPBQYIS3+6622Mk
jQvmw3AdziClBgQThkLjd9ah884QgtfATHwXSwS+O6hxWbwIHQmWSpiuW8xNwv51
EVQwRuAxfvjbntMS5rkVBQXc5EOgmXLODhsyGtGT0PYZLLmYHyyUIqykOZnM+e31
UTZuPuhBvWmqX1wbWxpJtiRHWTAa5sCaSWxmapJ1tmptxes1aA8arHM6tWHWzvID
jlmOe0quklRtr45STLzejWzTKJnyJ1G41J0iKkrDKCpsyp6SE7KkzxzC9WzfYoYE
+rP6wdr1M5ZBIf7TxnBu1kbTBKXWzUDxX4aU9N6a/P5YvfmEfZwuG9qMGlMN3RHZ
x5UiRS7FesJ9uKH90rtvTyfLgiIK1jr3xNvvixrIC78g+mKC2vKjSX7lZ6wh1ffj
DxnWuyHiETewXdska5DEps4+cXitS3zYE9vJ8Dd6Aqo+61QKzms=
=035l
-----END PGP SIGNATURE-----

Back to linux.debian.announce.security | Previous | Next | Find similar

Thread

[SECURITY] [DSA 6245-1] imagemagick security update Moritz Muehlenhoff <jmm@debian.org> - 2026-05-03 17:10 +0200

csiph-web