Overview

File _patchinfo of Package patchinfo.39696

<patchinfo incident="39696">
  <issue tracker="cve" id="2025-53101"/>
  <issue tracker="cve" id="2025-53019"/>
  <issue tracker="cve" id="2025-53015"/>
  <issue tracker="cve" id="2025-53014"/>
  <issue tracker="bnc" id="1246529">VUL-0: CVE-2025-53101: ImageMagick: input manipulation may lead to an out-of-bound write</issue>
  <issue tracker="bnc" id="1246534">VUL-0: CVE-2025-53019: ImageMagick: format specifiers in a filename template may cause a memory leak</issue>
  <issue tracker="bnc" id="1246531">VUL-0: CVE-2025-53015: ImageMagick: specific XMP file conversion may cause an infinite loop</issue>
  <issue tracker="bnc" id="1246530">VUL-0: CVE-2025-53014: ImageMagick: an off-by-one error may cause an out-of-bounds memory access</issue>
  <issue tracker="bnc" id="1246065">ImageMagick is not allowed to open its own files</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ImageMagick</summary>
  <description>This update for ImageMagick fixes the following issues:

- CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc#1246530)
- CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop (bsc#1246531)
- CVE-2025-53019: Fixed format specifiers in a filename template may cause a memory leak (bsc#1246534)
- CVE-2025-53101: Fixed input manipulation may lead to an out-of-bound write (bsc#1246529)

Changed policies:

    * allow ImageMagick to read it's own files again (bsc#1246065)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places