-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 28 Dec 2025 19:32:37 +0100
Source: imagemagick
Architecture: source
Version: 8:7.1.2.12+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1122584 1122827
Changes:
 imagemagick (8:7.1.2.12+dfsg1-1) unstable; urgency=medium
 .
   * New upstream version
   * Fix CVE-2025-65955 (Closes: #1122827)
     There is a vulnerability in ImageMagick’s Magick++ layer that manifests
     when Options::fontFamily is invoked with an empty string. Clearing a font
     family calls RelinquishMagickMemory on _drawInfo->font, freeing the font
     string but leaving _drawInfo->font pointing to freed memory while
     _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup
     or reuse of _drawInfo->font re-frees or dereferences dangling memory.
     DestroyDrawInfo and other setters (Options::font, Image::font) assume
     _drawInfo->font remains valid, so destruction or subsequent updates
     trigger crashes or heap corruption.
   * Fix CVE-2025-66628 (Closes: #1122584)
     The TIM (PSX TIM) image parser contains a critical integer overflow
     vulnerability in its ReadTIMImage function (coders/tim.c). The code reads
     width and height (16-bit values) from the file header and calculates
     image_size = 2 * width * height without checking for overflow. On 32-bit
     systems (or where size_t is 32-bit), this calculation can overflow if
     width and height are large (e.g., 65535), wrapping around to a small
     value. This results in a small heap allocation via AcquireQuantumMemory,
     and later operations relying on the dimensions can trigger an
     out-of-bounds read.
Checksums-Sha1:
 a09322381b5fb80176ecbd179d6ec74b89e4f48a 5202 imagemagick_7.1.2.12+dfsg1-1.dsc
 bee52f0778e83b60af245ce15913df09f53adb7d 10528380 imagemagick_7.1.2.12+dfsg1.orig.tar.xz
 6d85303213351c4a7cfef3e6ba2d99a80b9e44f3 267584 imagemagick_7.1.2.12+dfsg1-1.debian.tar.xz
 761fbfd27d1fd2d4774bd872462a8e7c5b496571 8344 imagemagick_7.1.2.12+dfsg1-1_source.buildinfo
Checksums-Sha256:
 5120ceb4dbc42b75e967ffdc9932958578f6729a27c428feaa9604104be3f6d2 5202 imagemagick_7.1.2.12+dfsg1-1.dsc
 56a85bcdd0bd00b52f9a0bb51a25a8e16fb0b8742ce53e7984d7db26229fe245 10528380 imagemagick_7.1.2.12+dfsg1.orig.tar.xz
 6c9f335dc4e94b9de403f13d4f1149ef79883be8e86468a717b508eb42913a2f 267584 imagemagick_7.1.2.12+dfsg1-1.debian.tar.xz
 418c53e15f9ab3bfb1a476a7ad5a160c8baf776f6e094cd459889851e404cd23 8344 imagemagick_7.1.2.12+dfsg1-1_source.buildinfo
Files:
 0e171c78a89d65696ba3fc3b42a7656f 5202 graphics optional imagemagick_7.1.2.12+dfsg1-1.dsc
 16b781d79d7aa251115b7ca613f3b76f 10528380 graphics optional imagemagick_7.1.2.12+dfsg1.orig.tar.xz
 356e3359831fab0be11be31b7aa95b6b 267584 graphics optional imagemagick_7.1.2.12+dfsg1-1.debian.tar.xz
 aea9d754b329c9d001b800de7cf0048f 8344 graphics optional imagemagick_7.1.2.12+dfsg1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

wsG7BAEBCgBvBYJpUbTcCRAAOhotqkEIX0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmdSC7AyQdT4A6khwK0YZwx3VEZTEoHvE83ZmaSMyNEj
ZhYhBF0Bh7lAokW617D1agA6Gi2qQQhfAADSDQ/+JKL/7rREBuIPg9S2iQaGEiTx
os1sl20BAk0NxMqPlZ1cdgVeCO1TLNN1vq5RVnuVwcaNpEUZVzJ8GGSwOzbLx4YS
GiwuJ/BOB0ZGYQ3LaxiRL5SKfYHUiW46pG65ftk9m+SbUYr5rgNCjQiSCl5lpHYa
wO+A/VFilahOWDmXYdWL5nEwDZktsq9ibb3Nhz/BUQfOJdbEWNcAEsz/D2CdggzL
GQ/6ytgDDzrSo7aB0jH5XWZLbNECANNxvYPIr7flbod2x6euc0q4dc5oudoYlggj
2FDSWY8pavRWb4LoYIMG+a62K1bCKlSEMv8cRGWTHN0glQBuEUZ4kH8nXSfB+S8P
lzXCEqY1Q46TDIxzatYTODmQtk9z5mdWh7LmG0dofyhYnUS4aJPu4tiNxOzusAd5
GjYGyhGK0IbBHon2FNHmh8fRN0B/YzZwYrW3QenVNLxli5PddaxK3FdLK5WMgvpl
OWC2ArtrcoykjjQvpyIoYH+2WCdj0E+Lik3mJkViMGNqUpAQhWu4flz/Hg0QJfu4
AAJ0xKCCWyXIQHS2CKACSHpoEFsUA3F7iEl7TQ8jVwvbV9V1Z0uFopqwxNMofGTh
Pz10I7gCC8XcDgnYFbqmlOBL5qOyHa5Z4OgnecGyB/j6Kq1++CU/mEnQhtTTzv5q
1GPX/mziEJAXKRlYAa4=
=cTeQ
-----END PGP SIGNATURE-----
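The CVE-2025-66628 entry above describes an unchecked `image_size = 2 * width * height` that wraps when `size_t` is 32 bits. The following added example (not ImageMagick's code, and not the Debian patch) models that wrap in 32-bit unsigned arithmetic and places beside it the division-based overflow check that a reader of `coders/tim.c` would want to see. It generalises slightly beyond the entry: `checked_image_size` takes 64-bit dimensions and a bytes-per-pixel factor, and the `size_max` parameter stands in for the target platform's `SIZE_MAX` so both the 32-bit and 64-bit cases can be exercised on one machine. The 46341 x 46341 header is a constructed value chosen because it is the smallest square whose 2-byte-per-pixel size exceeds 2^32.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the unchecked ReadTIMImage arithmetic on a platform whose size_t
 * is 32 bits: 2*width*height is computed modulo 2^32, so a large header can
 * claim a tiny buffer. Casting before multiplying keeps the wrap in unsigned
 * arithmetic (uint16_t would otherwise promote to int and overflow as UB). */
uint32_t unchecked_tim_size32(uint16_t width, uint16_t height)
{
    return (uint32_t)width * (uint32_t)height * 2u;
}

/* Hardened replacement (added example, not the upstream fix): reject a header
 * whose width*height*bpp would not fit in size_max (pass the target's
 * SIZE_MAX). The division form of the check never performs a multiplication
 * that could wrap. Returns 1 and stores the byte count in *out on success;
 * returns 0 and leaves *out untouched for zero dimensions or an oversized
 * product. */
int checked_image_size(uint64_t width, uint64_t height, uint64_t bpp,
                       uint64_t size_max, uint64_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return 0;
    if (width > size_max / height)
        return 0;                     /* width*height would exceed size_max */
    uint64_t pixels = width * height; /* now known not to exceed size_max */
    if (pixels > size_max / bpp)
        return 0;                     /* pixels*bpp would exceed size_max */
    *out = pixels * bpp;
    return 1;
}

/* Convenience wrapper: byte count on success, 0 when the header is rejected
 * (0 is never a valid size here because zero dimensions are rejected too). */
uint64_t image_size_or_zero(uint64_t width, uint64_t height, uint64_t bpp,
                            uint64_t size_max)
{
    uint64_t bytes;
    return checked_image_size(width, height, bpp, size_max, &bytes) ? bytes : 0;
}

int main(void)
{
    /* Constructed header values: 46341 x 46341 at 2 bytes per pixel needs
     * 4294976562 bytes, which wraps to just 9266 in 32-bit arithmetic. */
    uint16_t w = 46341, h = 46341;
    printf("unchecked 32-bit size: %u bytes\n", unchecked_tim_size32(w, h));
    printf("checked, 32-bit size_t: %llu (0 = rejected)\n",
           (unsigned long long)image_size_or_zero(w, h, 2, UINT32_MAX));
    printf("checked, 64-bit size_t: %llu\n",
           (unsigned long long)image_size_or_zero(w, h, 2, UINT64_MAX));
    return 0;
}
```

The 65535 x 65535 case mentioned in the entry also wraps (to 4294705154, still far short of the true 8589672450), which is why the check has to compare against the limit rather than look for a "suspiciously small" result; any wrapped value, small or large, is wrong.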
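The CVE-2025-65955 entry above describes a clear-family operation that frees `_drawInfo->font` and then aliases `_drawInfo->family` to the freed pointer, leaving both fields dangling for `DestroyDrawInfo` and the other setters. The following added example (a constructed C model, not Magick++ code and not the upstream fix) keeps the defective shape as a comment and implements the ownership discipline that prevents it: each field owns its own copy, a clear frees exactly that field and nulls it, and no field is ever assigned another field's pointer. `DrawInfoModel`, `set_font`, `set_font_family`, `destroy_draw_info` and the font names are all assumptions made for the example.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the two DrawInfo fields named in the advisory. */
typedef struct {
    char *font;    /* heap copy owned by this struct, or NULL */
    char *family;  /* heap copy owned by this struct, or NULL */
} DrawInfoModel;

static char *copy_string(const char *s)
{
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p != NULL)
        memcpy(p, s, n);
    return p;
}

/* The defective shape described for Options::fontFamily(""), kept as a
 * comment because executing it is undefined behaviour:
 *     free(info->font);            -- frees the font string
 *     info->family = info->font;   -- family now aliases freed memory
 * Both fields then dangle, so any later free or read of either is a
 * use-after-free or double free. */

/* Hardened: release only the field being changed, null it, then copy. */
void set_font_family(DrawInfoModel *info, const char *family)
{
    free(info->family);
    info->family = NULL;
    if (family != NULL && family[0] != '\0')
        info->family = copy_string(family);
}

void set_font(DrawInfoModel *info, const char *font)
{
    free(info->font);
    info->font = NULL;
    if (font != NULL && font[0] != '\0')
        info->font = copy_string(font);
}

void destroy_draw_info(DrawInfoModel *info)
{
    free(info->font);
    free(info->family);
    info->font = NULL;
    info->family = NULL;
}

/* Walks the sequence the advisory warns about (set both, clear the family
 * with "", then reuse the setters and destroy) and checks the invariants at
 * each step. Returns 1 if every check holds. Under AddressSanitizer the
 * commented-out pattern would abort on the later free; this one does not. */
int exercise_font_lifecycle(void)
{
    DrawInfoModel info = { NULL, NULL };
    set_font(&info, "DejaVu-Sans");
    set_font_family(&info, "DejaVu");
    set_font_family(&info, "");                   /* the triggering call */
    if (info.family != NULL)
        return 0;                                 /* clear must null it */
    if (info.font == NULL || strcmp(info.font, "DejaVu-Sans") != 0)
        return 0;                                 /* font must be untouched */
    set_font(&info, "Liberation-Serif");          /* later setter still safe */
    set_font_family(&info, "Liberation");
    if (info.family == NULL || strcmp(info.family, "Liberation") != 0)
        return 0;
    destroy_draw_info(&info);
    return info.font == NULL && info.family == NULL;
}
```

Building this with `-fsanitize=address` and calling `exercise_font_lifecycle()` is a cheap regression check for the ownership rule; the property being tested is that clearing one field never changes the validity of the other.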