[CLSA-2026:1777070517] Fix CVE(s): CVE-2026-33900, CVE-2026-33905
Type:
security
Severity:
Important
Release date:
2026-04-24 22:42:04 UTC
Description:
* SECURITY UPDATE: integer truncation in VIFF encoder leading to out-of-bounds heap write - debian/patches/CVE-2026-33900.patch: add truncation check before AcquireVirtualMemory() call in WriteVIFFImage() in coders/viff.c - CVE-2026-33900 * SECURITY UPDATE: out-of-bounds read in SampleImage via sample:offset define - debian/patches/CVE-2026-33905.patch: rewrite SampleImage() in magick/resize.c to compute x_offset/y_offset per pixel and fetch a single virtual pixel instead of indexing a preallocated row buffer - CVE-2026-33905
Updated packages:
  • imagemagick_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:dd01192e0b00a6cb41b830144d8fcce2f02554c6
  • imagemagick-6-common_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:0d030f5310e36b2f9460cf895d10150935563dff
  • imagemagick-6-doc_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:6f9d3cae7ceb0d98e10434d24896051862c00543
  • imagemagick-6.q16_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:24ce11447d808b77e16822cfa2247fe0db769d07
  • imagemagick-6.q16hdri_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:44f526856b137dac2b2808eb7231af6af12840fe
  • imagemagick-common_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:f6cabf6757be288fe881c8adc43177c1d2fb2ea1
  • imagemagick-doc_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:267783ffd045bba44e2c76dddb59c05a2fb453ec
  • libimage-magick-perl_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:7fdf217e3281bb02495ec3a2f6f52a707435bb5f
  • libimage-magick-q16-perl_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:f0d53be10c1c141d88517f76432c5d29c7a47577
  • libimage-magick-q16hdri-perl_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:689b288d7d8fa7636b53432ca6d992eb99444154
  • libmagick++-6-headers_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:7a01b7f6fb2c544bc1278d9c59f9583f8d2017b6
  • libmagick++-6.q16-8_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:d80d12bf0a6ccf09fa5c30ceed092db0b28d8d52
  • libmagick++-6.q16-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:7ceece7fb7d588f40a8a0e6dc575d5fdc4488c21
  • libmagick++-6.q16hdri-8_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:2667912fad0b4c47dee052672f10469c906fbaed
  • libmagick++-6.q16hdri-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:4d4459e647621f0a206c9f988d4214edfde85b6d
  • libmagick++-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:308aa4791cbe4ea77324d546cdee110060c4947f
  • libmagickcore-6-arch-config_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:9d396481cc6daec656f07e5038fef959572b4d63
  • libmagickcore-6-headers_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:91ea236474c0c9579baeec01044a393a2e7fece5
  • libmagickcore-6.q16-6_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:5b55a9c9290719a21c5a5767390c93761b89afa6
  • libmagickcore-6.q16-6-extra_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:5b053105b19e2933e4e8b40e0d40c4d20a67b1df
  • libmagickcore-6.q16-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:8e77bf7f9f288fa06cfb0e85b12a101d545d95f8
  • libmagickcore-6.q16hdri-6_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:212d4c52571825e0462b8d65ae7a31fe740db5f4
  • libmagickcore-6.q16hdri-6-extra_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:bd1cbf5a94ca5eb8dbb2c4ebf8f9551bf2913ab4
  • libmagickcore-6.q16hdri-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:c11d833454b0653b1ec0aa7776592769626f90fe
  • libmagickcore-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:48c1f594933320bc5b928f05474fb3812f3e4329
  • libmagickwand-6-headers_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:d39ef3f50a524d9c88a3bd0836cc1e4e2277a57e
  • libmagickwand-6.q16-6_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:447ec7d02e36399f8e087bbc9ca3d4742b87e268
  • libmagickwand-6.q16-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:0b2fc88d7c304de18bd4cb60087018bd64aa1e63
  • libmagickwand-6.q16hdri-6_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:c32ee4bd0cd8ff81c84e135b523c86553b6e48c2
  • libmagickwand-6.q16hdri-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_amd64.deb
    sha:75d7cd69f589627447ad5d667101538504f2acf8
  • libmagickwand-dev_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:8c3b2513f0897d488a9ef7413f9e897150cb25c0
  • perlmagick_6.9.10.23+dfsg-2.1ubuntu11.11+tuxcare.els25_all.deb
    sha:948fd55fe46df80aece98e107c0ba4fc18d23c48
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.