[CLSA-2026:1777045265] ImageMagick: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2026-04-24 18:35:43 UTC
Description:
- CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit builds - CVE-2026-40310: fix heap out-of-bounds write in JP2 encoder on invalid sampling index - CVE-2026-40311: fix heap use-after-free reading and printing values from an invalid XMP profile
Updated packages:
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:60d57673e0fe668abeb4584fee2baf6276a2c2b673d8fb25a5d7680413520d9e
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:fb7daeefff7ba9b88afa5e18a6fc04f88b56f81815a3900b6d58bf48bbbf8c9e
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:8cf48c4e31654a4c309a661b5259dbb81765a1983bfe4c27f3b3e0f98f0f09c4
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:31c9e8cbe907ec5d40906773a240163239c2563ecceb1321915e75e621e7cda6
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:2f249026574abaa6d42041eca37e37feea9fddd98bd391bb7aca022d49e6220c
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:fdd8d694a1db3d188e1e80ab50a411aa72c65c5c46c08d73b733fe46414f9ad4
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:aee8766459e70d5d38e39eb233d4170b4bf909024ea5c0b03702fb817cec6035
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:ac07f5cb0ca6cdbe97213da6816311cc3bd4f962670a80c57430f52192a0fe5f
  • ImageMagick-doc-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:5ce585efe623ef93575b5eb9c5382a7800dc7f6cd181b5fc84ce433a2bd74b81
  • ImageMagick-perl-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:ed17b45c53de293568c3f715e0c4e05cf511ccc7a43881b9e692e6b0cd818b2b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.