Question about IMageMagic and Ubuntu Pro

Keith keithw at caramail.com
Mon Dec 22 21:43:58 UTC 2025 

On 12/22/25 3:15 PM, Jerry Geis wrote:
> 
> 
> On Mon, Dec 22, 2025 at 4:13 PM Colin Law <clanlaw at gmail.com 
> <mailto:clanlaw at gmail.com>> wrote:
> 
>     On Mon, 22 Dec 2025 at 21:02, Jerry Geis <jerry.geis at gmail.com
>     <mailto:jerry.geis at gmail.com>> wrote:
>      >
>      >
>      >
>      > On Mon, Dec 22, 2025 at 3:32 PM Colin Law <clanlaw at gmail.com
>     <mailto:clanlaw at gmail.com>> wrote:
>      >>
>      >>
>      >>
>      >> On Mon, 22 Dec 2025, 20:23 Jerry Geis, <jerry.geis at gmail.com
>     <mailto:jerry.geis at gmail.com>> wrote:
>      >>>
>      >>> I have ubuntu pro
>      >>>
>      >>> This is my version running - WHICH apparently has the
>     vulnerability and should be updated
>      >>>
>      >>> imagemagick-6-common/noble-apps-security,now
>     8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm4 all [installed,automatic]
>      >>> imagemagick-6.q16/noble-apps-security,now
>     8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm4 amd64 [installed,automatic]
>      >>> imagemagick/noble-apps-security,now
>     8:6.9.12.98+dfsg1-5.2ubuntu0.1~esm4 amd64 [installed]
>      >>>
>      >>> my machine is FULLY patched - but this is not getting taken and
>     is still the version above.
>      >>> Why is that - how do I get this patched version
>      >>
>      >>
>      >>
>      >> How do you know your version has a vulnerability? Which
>     vulnerability?
>      >> If you have a vulnerability code then search for that on Ubuntu
>     and see what you get.
>      >>
>      >> Colin L
>      >>
>      >>
>      >>>
>      >>> thanks
>      >>>
>      >>> jerry
>      >>>
>      >
>      >
>      >
>      >
>      > High:  276810 (0/6) ImageMagick < 6.9.13-32 / 7.0 < 7.1.2-7
>     Integer Overflow (GGHSA-9pp9-cfwx-54rm)
>      >
>      > Path : unknown (Package: imagemagick 8:6.9.12.98)
>      > Installed version : 6.9.12-9
>      > Fixed version : 6.9.13-32
> 
>     Did you do the search I suggested?
>     https://github.com/ImageMagick/ImageMagick/security/advisories/
>     GHSA-9pp9-cfwx-54rm <https://github.com/ImageMagick/ImageMagick/
>     security/advisories/GHSA-9pp9-cfwx-54rm>
> 
>     Are you running on 32 bit system?
> 
>     Colin L.
> 
>     -- 
>     ubuntu-users mailing list
>     ubuntu-users at lists.ubuntu.com <mailto:ubuntu-users at lists.ubuntu.com>
>     Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/
>     listinfo/ubuntu-users <https://lists.ubuntu.com/mailman/listinfo/
>     ubuntu-users>
> 
> 
> Hi Colin,
> 
> yes - I did run the search - wasnt fully grasping what I was presented I 
> guess.
> 
> No, the system is a 64 bit system not 32 bit.
> 
> Thanks
> 
> 
> Jerry
> 

I don't know if changelogs are available for esm packages, ($ apt 
changelog imagemagick),  but you can check security notices about 
specific CVE's on https://ubuntu.com/security/cves. The specific notice 
you're referencing is https://ubuntu.com/security/CVE-2025-57803 which 
shows your versions are fixed.

-- 
Keith

More information about the ubuntu-users mailing list