-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 12 Jun 2026 22:13:14 +0200 Source: imagemagick Architecture: source Version: 8:7.1.2.25+dfsg1-1 Distribution: unstable Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Changes: imagemagick (8:7.1.2.25+dfsg1-1) unstable; urgency=high . * New upstream version * Fix CVE-2026-53460: A missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. * Fix CVE-2026-53461: An incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. * Fix CVE-2026-53462: When an allocation fails in CheckPrimitiveExtent this can result in a heap-use-after-free and result in a crash. * Fix CVE-2026-53463: When passing incorrect arguments in the distort operation a null pointer deference will occur. * Fix CVE-2026-53464: When providing invalid options to the wand option parser a small memory leak will occur. * Fix CVE-2026-53465: A crafted multi-frame can result in a heap buffer over-write when encoding it with the SF3 encoder Checksums-Sha1: 5755df24889342e1961b0f9086a530e6c521e016 5202 imagemagick_7.1.2.25+dfsg1-1.dsc ee66b21d708c7fb61d0f6aab145ad46ecc88299f 10539840 imagemagick_7.1.2.25+dfsg1.orig.tar.xz 00386d1e38de3facd0cd1c5bfd385f7beec5d1dd 266440 imagemagick_7.1.2.25+dfsg1-1.debian.tar.xz d7360f6c2f793a87e35bbca7eba3335a705531c1 8599 imagemagick_7.1.2.25+dfsg1-1_source.buildinfo Checksums-Sha256: 9f95485ab6751edb55949eeae96f8023fd634de2a315366e70d1d2073b837fb7 5202 imagemagick_7.1.2.25+dfsg1-1.dsc f978ff8fc6fe47e70a66f8cc748d8aa6dab81fa97f14ac47ee5a464f22d68212 10539840 imagemagick_7.1.2.25+dfsg1.orig.tar.xz 45c3d2f71600dde68aebf183be873472cd1bd68976053f0d0d5b6fb02b9d4857 266440 imagemagick_7.1.2.25+dfsg1-1.debian.tar.xz 41faed9d9ed3bc91ad275336d815ca3f6f4732861609cf53eac1511fb5780485 8599 imagemagick_7.1.2.25+dfsg1-1_source.buildinfo Files: a21d6c0ba23a961c956fbc0fcdfbb5d7 5202 graphics optional imagemagick_7.1.2.25+dfsg1-1.dsc c870e0367efccd3649e52a78a168257a 10539840 graphics optional imagemagick_7.1.2.25+dfsg1.orig.tar.xz 097be3df99075018806fb76c3023c86f 266440 graphics optional imagemagick_7.1.2.25+dfsg1-1.debian.tar.xz 214ba4fc73ee0c6178fab82c11b28bf1 8599 graphics optional imagemagick_7.1.2.25+dfsg1-1_source.buildinfo -----BEGIN PGP SIGNATURE----- wsG7BAEBCgBvBYJqLXCuCRAAOhotqkEIX0cUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmfeNXYkC5ZBf94YI+7o+uJqNfUOczrBfG5qHiXiG54Q +hYhBF0Bh7lAokW617D1agA6Gi2qQQhfAADdig/9H7+1Tv2LhikPHrHLTJ+eC74P s7WAHC6pu9tk+xAR5lI1/6s/BSqRSMCzWZE4t0264UlwO6VNfq1wv08MoPDwAeSH DwwrmicwSxY9o80VDj08w8nUkAGIGbcEqQr4q/Hl5mRJHcCzD2rj+FHPTVhKEXeD cP7D2RqsO4Ab7KAaX9CNHPRSAqDE4Or/TQ2Xbhn/TOvzveGBc/f5GP7NOIIMnx0U wm8+o9NnroLczWWLMb+is6S++cEST3fnjceUcz09Hn4mj0iHY5hY7PhJjGK2ene7 b9eV7DHqpH4ZKMzAj20eBSkM/QZgRGsB6kC5m/E82ZTLpF3u8c/ZpLqaosgsuGhw 9A+dhYiO6DD0zDo6m5rCon6dHAXAyadon4azOMa4X47MErXZKZDUWN4JufZU/6Aa D+lNM+Sivi7DHjQlfdzy3P9nQj5HyBUDimycyzRy9JtDTo/9P4WXlyannCaB9TZD Jdy5GFs9fqssf9V/HZWUZzfnhQ/D8dvyiUMRyQ7B60fj56CAtED0Zy73gozLfg6K MdpdoXAbuBRf6862bvLv5F0K8s6E1l35wvUDAYeWTElV953Qh3N7Lr2HfrWDo5xh XUq1k+asYgidfM6kLUbeGbxu/QhgqBrVelgs5BwEG78kGZbhd2GvN6QoC2ZxNgdX yhpxfTLgUUdVPJNvf4g= =h4K3 -----END PGP SIGNATURE-----
