-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 16 Mar 2026 00:43:38 +0100
Source: imagemagick
Architecture: source
Version: 8:7.1.1.43+dfsg1-1+deb13u7
Distribution: trixie-security
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 imagemagick (8:7.1.1.43+dfsg1-1+deb13u7) trixie-security; urgency=high
 .
   * Fix CVE-2026-28493: An integer overflow vulnerability exists in the
     SIXEL decoder.
   * Fix CVE-2026-28494: A stack buffer overflow exists in ImageMagick's
     morphology kernel parsing functions. User-controlled kernel strings
     exceeding a buffer are copied into fixed-size stack buffers via memcpy
     without bounds checking, resulting in stack corruption.
   * Fix CVE-2026-28686: A heap-buffer-overflow vulnerability exists in the
     PCL encoder due to an undersized output buffer allocation.
   * Fix CVE-2026-28687: A heap use-after-free vulnerability in ImageMagick's
     MSL decoder allows an attacker to trigger access to freed memory by
     crafting an MSL file.
   * Fix CVE-2026-28688: A heap-use-after-free vulnerability exists in the
     MSL encoder, where a cloned image is destroyed twice. The MSL coder does
     not support writing MSL, so the write capability has been removed.
   * Fix CVE-2026-28689: domain="path" authorization is checked before the
     final file open/use. A symlink swap between check-time and use-time
     bypasses policy-denied read/write.
   * Fix CVE-2026-28690: A stack buffer overflow vulnerability exists in the
     MNG encoder. There is a bounds check missing that could corrupt the
     stack with attacker-controlled data.
   * Fix CVE-2026-28691: An uninitialized pointer dereference vulnerability
     exists in the JBIG decoder due to a missing check.
   * Fix CVE-2026-28692: The MAT decoder uses 32-bit arithmetic due to
     incorrect parenthesization, resulting in a heap over-read.
   * Fix CVE-2026-28693: An integer overflow in the DIB coder can result in
     an out of bounds read or write.
   * Fix CVE-2026-30883: An extremely large image profile could result in a
     heap overflow when encoding a PNG image.
   * Fix CVE-2026-30929: MagnifyImage uses a fixed-size stack buffer. When
     using a specific image it is possible to overflow this buffer and
     corrupt the stack.
   * Fix CVE-2026-30931: A heap-based buffer overflow in the UHDR encoder can
     happen due to truncation of a value, and it would allow an out of bounds
     write.
   * Fix CVE-2026-30935: BilateralBlurImage contains a heap buffer over-read
     caused by an incorrect conversion. When processing a crafted image with
     the -bilateral-blur operation an out of bounds read can occur.
   * Fix CVE-2026-30936: A crafted image could cause an out of bounds heap
     write inside the WaveletDenoiseImage method. When processing a crafted
     image with the -wavelet-denoise operation an out of bounds write can
     occur.
   * Fix CVE-2026-30937: A 32-bit unsigned integer overflow in the XWD
     (X Windows) encoder can cause an undersized heap buffer allocation. When
     writing an extremely large image an out of bounds heap write can occur.
   * Fix CVE-2026-31853: An overflow on 32-bit systems can cause a crash in
     the SFW decoder when processing extremely large images.
   * Fix CVE-2026-32259: When a memory allocation fails in the sixel encoder
     it would be possible to write past the end of a buffer on the stack.
   * Port SVG and MSL coders to 7.1.2-16.
Checksums-Sha1:
 ff13af1c92fb97043070df2bde8e5bf4f1c6d10a 5136 imagemagick_7.1.1.43+dfsg1-1+deb13u7.dsc
 103af0af388a733c043845b228cf3031c16d859b 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 535d099fdebf4a33686355bfca11817cded1af57 329408 imagemagick_7.1.1.43+dfsg1-1+deb13u7.debian.tar.xz
 9e1fa4836fdf3a460a5ef727329de465d91b9502 8506 imagemagick_7.1.1.43+dfsg1-1+deb13u7_source.buildinfo
Checksums-Sha256:
 21d15ec531e5f7a540c3e3a56ec96568c65149a509c3acad4e6d0f857dfeff0a 5136 imagemagick_7.1.1.43+dfsg1-1+deb13u7.dsc
 bcb4f3c78a930a608fa4889f889edbcb384974246ad9407fce1858f2c0607bfe 10501740 imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 d96f2576d7e7f2d03819d680a01c9382eae036472026b54b6b6194bec96327c5 329408 imagemagick_7.1.1.43+dfsg1-1+deb13u7.debian.tar.xz
 12b56ee5400c70a64926309afd78e1b3fbdb42aff173962b51571a05068f6a96 8506 imagemagick_7.1.1.43+dfsg1-1+deb13u7_source.buildinfo
Files:
 aa3977d9e8af214d20f5af1b13030c6b 5136 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u7.dsc
 01cfb13a7c1813afb50790e431358c6c 10501740 graphics optional imagemagick_7.1.1.43+dfsg1.orig.tar.xz
 681ca251d2bc268ff6db206e525236c9 329408 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u7.debian.tar.xz
 3c33b0548fcf7a778ce9b07d34d30af2 8506 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u7_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmm8C7cACgkQADoaLapB
CF+XSQ//TIpwGCo3VyZpR87OAHb4Zc+MKzuUIriM7gqMkqnVosoa2qhHvVB2KYsu
EBAbcXnghSDj7osDi/GoHlC6tqKXrg0GFhGk/Ktyip8a/CZaTfMakrosd4p8/GVe
XsgkT3z2CKwjE2PeR5Di/xfjTCzxfNo1lKZ3n90gGKTfDiOgkcfIeKAOlhPtHLBb
NPToiiIpicPOgpYY0QfVmpbS9+GDXT6VIYk81XmJ65AF/AsR51JOkkPzV63bwiwR
J33OZn7bibDLnX4Igl9irIubwVBmQgkITdsKtlbvucBRDuIMUWsCgbbFFZ3TUVff
UYYCNoGCMH8XBKyMga6uttkNMbLCubDXIiMhHheL9S2RHAOMtYkR7fZaD6Yba6DM
gYWk5ncZ0TC+HcgCXMgRYIRlq4n21plm8+cMj7KBrAzBfBuML4IigY9OMzj0HXK7
SzjCaiSTMs4I3v28ka71UaOixCLK90ZISjJNOqb7i8LPiEAJuNzTjJjpnaKnbe9M
6DQwU9NgKpYsNv4iZkcxrg/lD9iuWpHy3/wABriV0VJM6LPsBDV9uuBo/iwymuUi
wqPQLE7GvIFSfMMRqOdH4Cs/2F3gwrXSm0yGl4LhTZDx5lVb878Qk5yuSIQc8rGu
ysFEHXwMV/iJZNvQbHrVwYm1V9zhFXRXUtjwM8zg4MKuRjeR5ps=
=/pFq
-----END PGP SIGNATURE-----