[CLSA-2026:1777047310] ImageMagick: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2026-04-25 08:43:28 UTC
Description:
- CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit builds - CVE-2026-40310: fix heap out-of-bounds write in JP2 encoder on invalid sampling index - CVE-2026-40311: fix heap use-after-free reading and printing values from an invalid XMP profile
Updated packages:
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:85ef66eb6b6257e64bdadf8e0bfc937b1773ae26a1539c7c12cc7e2df1357ebd
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:91b3070f6306d651e42f152bb1fdbe29236168fff7bc2ef71f5e4f70ab8cc8ff
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:98923565ada9c68a179b3e3127e538a7b01636224c6c4137e191e3d158436b9b
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:6cb0cf556ce3503a59618dbbc661f2d7bd2986c6c87241c3acd00c1c8171028d
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:b25a30935221d2b524db678a6d977c22dec8d6cfa61e938512036791aa4173ce
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:0da5d74f0d13b25395962e86b4f4175b1f534d8f30b5d7ba3ea685947e4b043e
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:f3bacb8e988a7e1021fb1ca1fcd4ea4c3cb84e01070ecd25906445df98d6e5c8
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:7bef40a475a21df5f7beb8ac25a9c1036b0d139a8207969b1a53cf1c7e33c276
  • ImageMagick-doc-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:f7a4406581a83d257edc5ec8f981aa26101ccd6ca5c8b67d63599368f111770d
  • ImageMagick-perl-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:067dc730730b352a698e510295998a17ed6a807f46681af5441301ccbbe93c99
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.