[CLSA-2026:1777046565] ImageMagick: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2026-04-24 16:02:49 UTC
Description:
- CVE-2026-33900: fix integer truncation in viff encoder leading to heap out-of-bounds write on 32-bit builds - CVE-2026-33905: fix out-of-bounds read in -sample operation via sample:offset define - CVE-2026-34238: fix integer overflow in despeckle operation causing heap buffer overflow on 32-bit builds - CVE-2026-40310: fix heap out-of-bounds write in JP2 encoder on invalid sampling index - CVE-2026-40311: fix heap use-after-free reading and printing values from an invalid XMP profile
Updated packages:
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:0b3cfc445d256e0060506f610986f3f0b1fa08fb70c786d32ca33d4c6e4c4517
  • ImageMagick-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:b18dfac472b75d1af46e86449b4035a2a579a692926675972726e3868bf25e6c
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:45265aefe969935f090f5946acf05c569f9a6212b4a5ea1fde8d56266466c84d
  • ImageMagick-c++-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:c773603ec24b7df5dc4ceb162885e949c3a162cab93f8d5c530b5a51e8692413
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:4ac57be2d0cbe16b107f33a02cc58553f5e9314c85e317a8bed01d95041378ee
  • ImageMagick-c++-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:5e108f621aeb91fa396996bc3f88d29e57d985f50a725f9f5491ed978a972a90
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.i686.rpm
    sha:b4182126e81ec84aa99b5c2841d92f17f2ca955d41d70312d8eed1aca842385a
  • ImageMagick-devel-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:a35027745abf1e3cace7aa5dd46bf4657d75b66e71428dcfc32674e864f94b46
  • ImageMagick-doc-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:d5a5a4824a1eb71fda4d507ec2f7003ac99a1b645c0f84eeafcc766cf851e80b
  • ImageMagick-perl-6.9.10.68-7.0.3.el7_9.tuxcare.els12.x86_64.rpm
    sha:ed3eae778bca9fab28122cf13533bfcda99baf344dd7eb4dd24ce0dce24049c9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.