Format: 1.8
Date: Mon, 29 Dec 2025 00:33:04 +0100
Source: imagemagick
Binary: imagemagick-7-common imagemagick-7-doc libimage-magick-perl libmagick++-7-headers libmagick++-dev libmagickcore-7-headers libmagickcore-dev libmagickwand-7-headers libmagickwand-dev perlmagick
Architecture: all
Version: 8:7.1.1.43+dfsg1-1+deb13u4
Distribution: trixie
Urgency: high
Maintainer: all Build Daemon (x86-csail-02)
Changed-By: Bastien Roucariès
Description:
 imagemagick-7-common - image manipulation programs -- infrastructure
 imagemagick-7-doc - document files of ImageMagick
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libmagick++-7-headers - object-oriented C++ interface to ImageMagick - header files
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-7-headers - low-level image manipulation library - header files
 libmagickcore-dev - low-level image manipulation library -- dummy package
 libmagickwand-7-headers - image manipulation library - headers files
 libmagickwand-dev - image manipulation library -- dummy package
 perlmagick - Perl interface to ImageMagick -- dummy package
Closes: 1119296 1122584 1122827
Changes:
 imagemagick (8:7.1.1.43+dfsg1-1+deb13u4) trixie; urgency=high
 .
   * Fix CVE-2025-62594 (Closes: #1119296)
     Imagemagick is vulnerable to denial-of-service due to unsigned
     integer underflow and division-by-zero in the CLAHEImage function.
     When tile width or height is zero, unsigned underflow occurs in
     pointer arithmetic, leading to out-of-bounds memory access, and
     division-by-zero causes immediate crashes.
   * Fix CVE-2025-65955 (Closes: #1122827)
     There is a vulnerability in ImageMagick’s Magick++ layer that
     manifests when Options::fontFamily is invoked with an empty string.
     Clearing a font family calls RelinquishMagickMemory on
     _drawInfo->font, freeing the font string but leaving _drawInfo->font
     pointing to freed memory while _drawInfo->family is set to that
     (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font
     re-frees or dereferences dangling memory. DestroyDrawInfo and other
     setters (Options::font, Image::font) assume _drawInfo->font remains
     valid, so destruction or subsequent updates trigger crashes or heap
     corruption.
   * Fix CVE-2025-66628 (Closes: #1122584)
     The TIM (PSX TIM) image parser contains a critical integer overflow
     vulnerability in its ReadTIMImage function (coders/tim.c). The code
     reads width and height (16-bit values) from the file header and
     calculates image_size = 2 * width * height without checking for
     overflow. On 32-bit systems (or where size_t is 32-bit), this
     calculation can overflow if width and height are large (e.g., 65535),
     wrapping around to a small value.
   * Fix CVE-2025-68618: Magick's failure to limit the depth of SVG file
     reads caused a DoS attack.
   * Do not allow vid for vector graphics
   * Fix CVE-2025-68950: Magick's failure to limit MVG mutual references
     forming a loop
   * Fix CVE-2025-69204: Converting a malicious MVG file to SVG caused an
     integer overflow.
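The size computation described in the CVE-2025-66628 changelog entry, as an added example that is not part of this upload and is not ImageMagick's code or its patch. It assumes uint32_t as a stand-in for a 32-bit size_t; the function names and the sample dimensions are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers; uint32_t models a 32-bit size_t. */

/* Unchecked form: 2 * width * height evaluated in 32 bits wraps modulo 2^32. */
static uint32_t tim_size_unchecked(uint16_t width, uint16_t height)
{
  return (uint32_t) ((uint32_t) 2 * (uint32_t) width * (uint32_t) height);
}

/*
 * Checked form: reject header dimensions whose product cannot be represented.
 * 2*w*h <= UINT32_MAX  <=>  w <= (UINT32_MAX / 2) / h   (for h != 0),
 * so the test is done by division before any multiplication happens.
 * Returns 0 and stores the size in *out on success, -1 on overflow.
 */
static int tim_size_checked(uint16_t width, uint16_t height, uint32_t *out)
{
  if (height != 0 && width > (UINT32_MAX / 2) / height)
    return -1;
  *out = (uint32_t) 2 * (uint32_t) width * (uint32_t) height;
  return 0;
}

int main(void)
{
  /* Constructed header values: 2 * 65535 * 32769 exceeds 2^32 by 65534. */
  uint16_t w = 65535, h = 32769;
  uint32_t size = 0;

  printf("unchecked size: %lu\n", (unsigned long) tim_size_unchecked(w, h));
  if (tim_size_checked(w, h, &size) != 0)
    printf("checked: dimensions rejected before allocation\n");
  return 0;
}
```

A buffer sized from the wrapped value is far smaller than the pixel data the header declares, which is why the check has to precede the allocation.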