[SECURITY] [DLA 4539-1] imagemagick security update

Sun, 19 Apr 2026 10:29:11 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4539-1                [email protected]
https://www.debian.org/lts/security/                   Bastien Roucariès
April 19, 2026                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : imagemagick
Version        : 8:6.9.11.60+dfsg-1.3+deb11u11
CVE ID         : CVE-2026-25971 CVE-2026-25985 CVE-2026-26284 CVE-2026-26983
                 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28688
                 CVE-2026-28689 CVE-2026-28690 CVE-2026-28691 CVE-2026-28692
                 CVE-2026-28693 CVE-2026-30883 CVE-2026-30936 CVE-2026-30937
                 CVE-2026-31853 CVE-2026-32259 CVE-2026-32636 CVE-2026-33535
                 CVE-2026-33536

Multiple security vulnerabilities were discovered in imagemagick,
a software suite used for editing and manipulating digital images, which
could lead to symlink races, information leaks, denial of service
and potentially arbitrary code execution.

For Debian 11 bullseye, these problems have been fixed in version
8:6.9.11.60+dfsg-1.3+deb11u11.

We recommend that you upgrade your imagemagick packages.

For the detailed security status of imagemagick please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/imagemagick

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmnlEMcACgkQADoaLapB
CF+tcQ//SMI90HHQ7f9r2SLorWBnDG80MswvYDCmpx2NjTYc0u+UBG0GHbHpDYlY
9TYvjhkwU8PUcXgeCwhB8OMDf8t6Kik94GrnohnuwnfkIHnvsIpO+RHSzi9TggX6
V+Dvgpg+OksNqmz6xwJ/EK+FCpj9zRA9Hz1rewyh4GMf+UpGUEhzPZmiUneTEpUC
qXnDD3FRQ63/8YkR/exGEm/TJl+rLuphCo770kJH2KwA+36Ko8KfzTHALlmjsfpL
s9UUwGYcMuVRi/KEWyhTsezD4jRk7FUhnGNnaIshyhFM2E92CFRMdACAQzWAA2ns
tCFe3+V0Mg/vC0Hlo4bC7KkvRijexxfd3wkp56UcKmf1XwBEqFNsRo509M9QfJdv
ldlbvvj722TcMdqHppjqx+kCxMcAlbcAaQL63MLolK6Q6Fv4OgRiaNfXpObn6Mz0
F8EfD74K55i7D6T+QR2eplKtKy5gKsPtMKlaqTBCfM1YKXSC16ZiASV87OWecGRm
jPjhrCMkrMzsyOZ4juyts4CagJKAi+SBFFercmHt990TSpNpYDIP6MMgTEhtwYdd
oPEq6prDjwjxNxC1MDDIoUJQtJMW16g0NDtOFzztqOfzm+e+61FeZnri2cFUMFqd
XFiiQOqnEqnhxXvfFveb7+cxN4JOrEuyQYqiytBJ7qvGJvgeYBk=
=emE6
-----END PGP SIGNATURE-----

Reply via email to