File _patchinfo of Package patchinfo.42998
<patchinfo incident="42998">
  <!--generated with prepare-update from request 402661-->
  <issue tracker="bnc" id="1258743">VUL-0: CVE-2026-24481: ImageMagick: Possible Heap Information Disclosure in PSD ZIP Decompression</issue>
  <issue tracker="bnc" id="1258748">VUL-0: CVE-2026-25576: ImageMagick: Out of bounds read in multiple coders that read raw pixel data</issue>
  <issue tracker="bnc" id="1258757">VUL-0: CVE-2026-25796: ImageMagick: Memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths</issue>
  <issue tracker="bnc" id="1258759">VUL-0: CVE-2026-25637: TRACKERBUG: ImageMagick: Denial of Service via crafted image due to memory leak</issue>
  <issue tracker="bnc" id="1258763">VUL-0: CVE-2026-26983: ImageMagick: Invalid MSL &lt;map&gt; can result in a use after free</issue>
  <issue tracker="bnc" id="1258765">VUL-0: CVE-2026-26284: GraphicsMagick,ImageMagick: Heap overflow in pcd decoder leads to out of bounds read.</issue>
  <issue tracker="bnc" id="1258769">VUL-0: CVE-2026-26066: ImageMagick: Infinite loop when writing IPTCTEXT leads to denial of service via crafted profile</issue>
  <issue tracker="bnc" id="1258770">VUL-0: CVE-2026-25797: ImageMagick: Code injection in various encoders</issue>
  <issue tracker="bnc" id="1258771">VUL-0: CVE-2026-25989: ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder</issue>
  <issue tracker="bnc" id="1258774">VUL-0: CVE-2026-25971: ImageMagick: MSL: Stack overflow in ProcessMSLScript</issue>
  <issue tracker="bnc" id="1258780">VUL-0: CVE-2026-25966: ImageMagick: Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to stdin/stdout access</issue>
  <issue tracker="bnc" id="1258785">VUL-0: CVE-2026-25965: ImageMagick: Policy bypass through path traversal allows reading restricted content despite secured policy</issue>
  <issue tracker="bnc" id="1258786">VUL-0: CVE-2026-25799: GraphicsMagick,ImageMagick: Division-by-Zero in YUV sampling factor validation leads to crash</issue>
  <issue tracker="bnc" id="1258787">VUL-0: CVE-2026-25798: ImageMagick: NULL Pointer Dereference in ClonePixelCacheRepository via crafted image</issue>
  <issue tracker="bnc" id="1258790">VUL-0: CVE-2026-24484: GraphicsMagick,ImageMagick: denial of service vulnerability via multi-layer nested MVG to SVG conversion</issue>
  <issue tracker="bnc" id="1258791">VUL-0: CVE-2026-24485: GraphicsMagick,ImageMagick: denial of service via malformed PCD file processing</issue>
  <issue tracker="bnc" id="1258792">VUL-0: CVE-2026-25795: ImageMagick: Denial of Service due to NULL pointer dereference during temporary file creation failure</issue>
  <issue tracker="bnc" id="1258793">VUL-0: CVE-2026-25638: ImageMagick: Denial of Service due to memory leak in image processing</issue>
  <issue tracker="bnc" id="1258799">VUL-0: CVE-2026-25897: TRACKERBUG: ImageMagick: Out-of-bounds heap write via integer overflow in sun decoder</issue>
  <issue tracker="bnc" id="1258802">VUL-0: CVE-2026-25970: TRACKERBUG: ImageMagick: Memory corruption and denial of service via signed integer overflow in SIXEL decoder.</issue>
  <issue tracker="bnc" id="1258805">VUL-0: CVE-2026-25983: TRACKERBUG: ImageMagick: Denial of service via crafted MSL script</issue>
  <issue tracker="bnc" id="1258807">VUL-0: CVE-2026-25898: ImageMagick: Information disclosure or denial of service via crafted image with invalid pixel index</issue>
  <issue tracker="bnc" id="1258810">VUL-0: CVE-2026-25988: ImageMagick: Denial of Service due to memory leak in image processing</issue>
  <issue tracker="bnc" id="1258818">VUL-0: CVE-2026-25986: TRACKERBUG: ImageMagick: Denial of Service via malicious YUV image processing</issue>
  <issue tracker="bnc" id="1258821">VUL-0: CVE-2026-25987: TRACKERBUG: ImageMagick: Memory disclosure and denial of service via crafted MAP files</issue>
  <issue tracker="bnc" id="1259017">VUL-0: CVE-2026-27799: ImageMagick: ImageMagick has a heap Buffer Over-read in its DJVU image format handler</issue>
  <issue tracker="bnc" id="1259018">VUL-0: CVE-2026-27798: ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images</issue>
  <issue tracker="cve" id="2026-24481"/>
  <issue tracker="cve" id="2026-24484"/>
  <issue tracker="cve" id="2026-24485"/>
  <issue tracker="cve" id="2026-25576"/>
  <issue tracker="cve" id="2026-25637"/>
  <issue tracker="cve" id="2026-25638"/>
  <issue tracker="cve" id="2026-25795"/>
  <issue tracker="cve" id="2026-25796"/>
  <issue tracker="cve" id="2026-25797"/>
  <issue tracker="cve" id="2026-25798"/>
  <issue tracker="cve" id="2026-25799"/>
  <issue tracker="cve" id="2026-25897"/>
  <issue tracker="cve" id="2026-25898"/>
  <issue tracker="cve" id="2026-25965"/>
  <issue tracker="cve" id="2026-25966"/>
  <issue tracker="cve" id="2026-25970"/>
  <issue tracker="cve" id="2026-25971"/>
  <issue tracker="cve" id="2026-25983"/>
  <issue tracker="cve" id="2026-25986"/>
  <issue tracker="cve" id="2026-25987"/>
  <issue tracker="cve" id="2026-25988"/>
  <issue tracker="cve" id="2026-25989"/>
  <issue tracker="cve" id="2026-26066"/>
  <issue tracker="cve" id="2026-26284"/>
  <issue tracker="cve" id="2026-26983"/>
  <issue tracker="cve" id="2026-27798"/>
  <issue tracker="cve" id="2026-27799"/>
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <summary>Security update for ImageMagick</summary>
  <description>This update for ImageMagick fixes the following issues:

- CVE-2026-24481: Possible Heap Information Disclosure in PSD ZIP Decompression (bsc#1258743).
- CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion (bsc#1258790).
- CVE-2026-24485: denial of service via malformed PCD file processing (bsc#1258791).
- CVE-2026-25576: Out of bounds read in multiple coders that read raw pixel data (bsc#1258748).
- CVE-2026-25637: Denial of Service via crafted image due to memory leak (bsc#1258759).
- CVE-2026-25638: Denial of Service due to memory leak in image processing (bsc#1258793).
- CVE-2026-25795: Denial of Service due to NULL pointer dereference during temporary file creation failure (bsc#1258792).
- CVE-2026-25796: Memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths (bsc#1258757).
- CVE-2026-25797: Code injection in various encoders (bsc#1258770).
- CVE-2026-25798: NULL Pointer Dereference in ClonePixelCacheRepository via crafted image (bsc#1258787).
- CVE-2026-25799: Division-by-Zero in YUV sampling factor validation leads to crash (bsc#1258786).
- CVE-2026-25897: Out-of-bounds heap write via integer overflow in sun decoder (bsc#1258799).
- CVE-2026-25898: Information disclosure or denial of service via crafted image with invalid pixel index (bsc#1258807).
- CVE-2026-25965: Policy bypass through path traversal allows reading restricted content despite secured policy (bsc#1258785).
- CVE-2026-25966: Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to stdin/stdout access (bsc#1258780).
- CVE-2026-25970: Memory corruption and denial of service via signed integer overflow in SIXEL decoder (bsc#1258802).
- CVE-2026-25971: MSL: Stack overflow in ProcessMSLScript (bsc#1258774).
- CVE-2026-25983: Denial of service via crafted MSL script (bsc#1258805).
- CVE-2026-25986: Denial of Service via malicious YUV image processing (bsc#1258818).
- CVE-2026-25987: Memory disclosure and denial of service via crafted MAP files (bsc#1258821).
- CVE-2026-25988: Denial of Service due to memory leak in image processing (bsc#1258810).
- CVE-2026-25989: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder (bsc#1258771).
- CVE-2026-26066: Infinite loop when writing IPTCTEXT leads to denial of service via crafted profile (bsc#1258769).
- CVE-2026-26284: Heap overflow in pcd decoder leads to out of bounds read (bsc#1258765).
- CVE-2026-26983: Invalid MSL &lt;map&gt; can result in a use after free (bsc#1258763).
- CVE-2026-27798: Heap Buffer Over-read in WaveletDenoise when processing small images (bsc#1259018).
- CVE-2026-27799: ImageMagick has a heap Buffer Over-read in its DJVU image format handler (bsc#1259017).
</description>
</patchinfo>