[ubuntu/resolute-proposed] imagemagick 8:7.1.2.13+dfsg1-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Mar 5 14:35:47 UTC 2026
imagemagick (8:7.1.2.13+dfsg1-1ubuntu1) resolute; urgency=medium
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2026-25897.patch: adds extra bounds check for
image->rows in coders/sun.c.
- CVE-2026-25897
* SECURITY UPDATE: global buffer overflow
- debian/patches/CVE-2026-25898*.patch: checks for and handles a negative
pixel index in coders/xpm.c and coders/uil.c.
- CVE-2026-25898
* SECURITY UPDATE: stack buffer overflow
- debian/patches/CVE-2026-25968.patch: adds length validation and dynamic
memory allocation for tmp buffer in coders/msl.c.
- CVE-2026-25968
* SECURITY UPDATE: use after free
- debian/patches/CVE-2026-25983*.patch: run checks prior to accessing
image in coders/msl.c.
- CVE-2026-25983
* SECURITY UPDATE: heap buffer overflow
- debian/patches/CVE-2026-25986.patch: updates loop bounds in coders/yuv.c.
- CVE-2026-25986
* SECURITY UPDATE: heap based out-of-bounds read
- debian/patches/CVE-2026-25987.patch: adds check for depth and
image->colors in coders/map.c.
- CVE-2026-25987
* SECURITY UPDATE: heap based out-of-bounds read
- debian/patches/CVE-2026-26284.patch: corrects loop initialization in
coders/pcd.c.
- CVE-2026-26284
Date: 2026-03-03 06:44:10.806422+00:00
Changed-By: Ian Constantin <ian.constantin at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:7.1.2.13+dfsg1-1ubuntu1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Resolute-changes
mailing list