-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 21 Jun 2026 15:40:05 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc imagemagick-common imagemagick-doc libimage-magick-perl libmagick++-6-headers libmagick++-dev libmagickcore-6-headers libmagickcore-dev libmagickwand-6-headers libmagickwand-dev perlmagick Architecture: all Version: 8:6.9.11.60+dfsg-1.6+deb12u11 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Bastien Roucariès Description: imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 1140176 Changes: imagemagick (8:6.9.11.60+dfsg-1.6+deb12u11) bookworm-security; urgency=high . * Fix CVE-2026-48733: An infinite loop in the subimage-search operation can happen when using a crafted image. * Fix CVE-2026-48734: A crafted MVG file could result in a stack overflow due to a missing depth or visited-set check * Fix CVE-2026-48994: A missing check of a return value could lead to a heap buffer over-write in the MAT decoder on 32-bit systems. * Fix CVE-2026-49218: A missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. * Fix CVE-2026-53460: A missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. * Fix CVE-2026-53463: When passing incorrect arguments in the distort operation a null pointer deference will occur. * Fix default policy.xml HTTP/HTTPS/URL delegate rules are no-ops (Closes: #1140176) Checksums-Sha1: 38f6273f18aedf31e69f838b21246468f7959e45 173508 imagemagick-6-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb ece2ce7911584cff98b8cdb403523c6bdc939260 7898944 imagemagick-6-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb 137b46e58fa163b961e352eb6b327ec741d58e34 1512 imagemagick-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb 41c4fe9b12fbe7a7d45e1a639d6e085e23233820 1616 imagemagick-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb bf0cc08601041646c605c5089826771d84513e60 19059 imagemagick_6.9.11.60+dfsg-1.6+deb12u11_all-buildd.buildinfo df73581230acb6c694a6afff90a6734d2d9efe68 53324 libimage-magick-perl_6.9.11.60+dfsg-1.6+deb12u11_all.deb 276f64c208adf609910c7d0cb09e9f429e639518 47504 libmagick++-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 69bef523a87973b6f6819a14a81d401fe770e4ba 1364 libmagick++-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 59e8c14a60426da0d11b73c46bb461a8abc0faad 50924 libmagickcore-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb ba947cc382bb56c22044f19101dbbf5f99bb5e29 1340 libmagickcore-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb c1977793021a79af7ae599ffffcad5f576846f40 10508 libmagickwand-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 8bcb3366af3f58d1b1eeac6d0d1774f396f959ff 1324 libmagickwand-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 1bed1c8c503978944f9529323287e7892bb2726b 1364 perlmagick_6.9.11.60+dfsg-1.6+deb12u11_all.deb Checksums-Sha256: 47d1a9a5ac4de5813b6ca7013cc9babadd5d26fed9055181b910652370debd86 173508 imagemagick-6-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb c9e8855d0bd2fac83bc205fb70467c59d55a7a9c75696cd16994eff7d429b37f 7898944 imagemagick-6-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb 43d1b314023cf59f187131d12a6eb898478e3629bec74c0a8476506f883bf498 1512 imagemagick-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb e3a561a093b8b546f503af9c83339b1568066b13a2cea4469c91a287c7260056 1616 imagemagick-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb 070ecd2f776da90a1d61eeddc4ba22642acbfbcd46b19b98a68ae7405e0a4649 19059 imagemagick_6.9.11.60+dfsg-1.6+deb12u11_all-buildd.buildinfo 7252519a60ce901936b8b6785f40da7f87f2f480a44d0157c64f38c5c31a3a3c 53324 libimage-magick-perl_6.9.11.60+dfsg-1.6+deb12u11_all.deb 49870913dc699a2e60cccde3fc8bd155891f0ff3c0f7ecb9318aff8648aff892 47504 libmagick++-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 39a74ab12bdefe9a3fcbecd8cbf3f93a78d0c032eaa06a3b0292f9d666a8eeec 1364 libmagick++-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 87a6c8234dbdba753a5853a9c1492d3d1e94c742edece02fdf2d0215e7487500 50924 libmagickcore-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 76460af1bb098f16a860f7a63dd723ea7a33c625af5578c25483bb0470e8748d 1340 libmagickcore-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 79dcf55e77ac341db1ea3c478f59d7d7b377b84aeeeba8232b686aa49c3050cd 10508 libmagickwand-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb b4ad2fd06cdc27a90f353782234c89b18b8daf374e1a4db6ffbeafdde2bf99a3 1324 libmagickwand-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb c843d591c74977fe3dea9c9cb904395b0aecb3b1ff739f8b56d1d19d1dbc1540 1364 perlmagick_6.9.11.60+dfsg-1.6+deb12u11_all.deb Files: c6bd3c055e1a376ee0b786b05e89de68 173508 graphics optional imagemagick-6-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb bc1f6d00c0aeb7e37b1e86921bb873d3 7898944 doc optional imagemagick-6-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb b4c026c16944edaedac49633186eb484 1512 oldlibs optional imagemagick-common_6.9.11.60+dfsg-1.6+deb12u11_all.deb bc38acd52470ec54aef4ec6818c9ddfa 1616 oldlibs optional imagemagick-doc_6.9.11.60+dfsg-1.6+deb12u11_all.deb c8d7a673aa17bbd8d04b39e24a37a3e9 19059 graphics optional imagemagick_6.9.11.60+dfsg-1.6+deb12u11_all-buildd.buildinfo a84db54e5a9f1af62dc60216ef0b7e12 53324 perl optional libimage-magick-perl_6.9.11.60+dfsg-1.6+deb12u11_all.deb 8516f6552f6eec72d95300b7174bb25a 47504 libdevel optional libmagick++-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 1802934a02a407915ea5defc9d78caeb 1364 oldlibs optional libmagick++-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb ed7900d34e7477bd3c798dc9a214a97b 50924 libdevel optional libmagickcore-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb b2048bd6736e1240b6aca6974ec59c5d 1340 oldlibs optional libmagickcore-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 1856b5afdd1f5d463e5996d10ac03a9c 10508 libdevel optional libmagickwand-6-headers_6.9.11.60+dfsg-1.6+deb12u11_all.deb 197ee2aa2b673621ecdc86cb2d57603d 1324 oldlibs optional libmagickwand-dev_6.9.11.60+dfsg-1.6+deb12u11_all.deb 2fa26a1bf403cff6dfbc6fc34a5f4949 1364 oldlibs optional perlmagick_6.9.11.60+dfsg-1.6+deb12u11_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE81O8NL+3kjBAqEvLmgPNRvTf/zcFAmo4JIAACgkQmgPNRvTf /zeQoA/+I18hjjKupei43bAvvBRvJWHTm2CD8Q3eP/0cGajrLn960/9pQ45nETu2 2Xf9SL9b4ZjgoHGxJ/u0uwISMPygdi6VxaOianLISIOU0euEtDRdQPdC4NSRgGb+ +ZsSUeIuf3/BCWFKenj0GERQIIP+lHGK5SHsay+798HTfKLyG0p0GFvpffWLh8hn nR+UPd5pWtvuRjNA5TFUlXJa+bUpuFRz4XSNDiLgdfdiU24yc46EKlBs+pF3KTp2 JjG/hPQFvpYttLbn3A9aG2NZ2llrAddpZzGNKCYkEv81T6/emA48qGoeCfonjuVt 0SivRkh85N3NrqnFa0+NhSSA1mn3BwjFtTp7rcSKwBQuccOeQec54hop/S7fvUPc 3R5i9x2tuxlmqFVXFC+GrF3AeQNmsVT6w5nFbEoiXPUJ4fNb4suI0wYPWGI2Ok/D dlkfLAVqpu/NEkb3/d9rAdlCVBm9f6yJExDr9u7nTOryqScBi5PnrJspS+r0u6dT dDqpox0FMlv3UKE8Y7lzd8FDYSQZzRtMBjflFF+hN8M2/R2JbyIbYKadG+xy/QPN VyyJmlErOL/ejxfgITuSXEQaLTImrVXOH6202VjiwnOkXzmbP2vkl/1I/DlquIIy cDrUbIutzUqFX8RsdbI9kNVMeTOatTYKyzAf8kPjb+1NM1fqed8= =6I2I -----END PGP SIGNATURE-----