home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   linux.debian.changes      Debian changes... like the weather      791 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 730 of 791   
   Debian FTP Masters to All   
   Accepted imagemagick 8:7.1.1.43+dfsg1-1+   
   29 Jan 26 19:50:01   
   
   From: ftpmaster@ftp-master.debian.org   
      
   -----BEGIN PGP SIGNED MESSAGE-----   
   Hash: SHA512   
      
   Format: 1.8   
   Date: Wed, 21 Jan 2026 22:54:51 +0100   
   Source: imagemagick   
   Architecture: source   
   Version: 8:7.1.1.43+dfsg1-1+deb13u5   
   Distribution: trixie-security   
   Urgency: high   
   Maintainer: ImageMagick Packaging Team    
   Changed-By: Bastien Roucariès    
   Closes: 1126074 1126075 1126076 1126077   
   Changes:   
    imagemagick (8:7.1.1.43+dfsg1-1+deb13u5) trixie-security; urgency=high   
    .   
      * Fix CVE-2026-22770 (Closes: #1126074)   
        The BilateralBlurImage method will allocate a set of   
        double buffers inside AcquireBilateralTLS.   
        The last element in the set is not properly initialized.   
        This will result in a release of an invalid pointer   
        inside DestroyBilateralTLS when the memory allocation fails   
      * Fix CVE-2026-23874 (Closes: #1126075)   
        a stack overflow was found via infinite recursion in   
        MSL (Magick Scripting Language) `` command when   
        writing to MSL format.   
      * Fix CVE-2026-23876 (Closes: #1126076)   
        A heap buffer overflow vulnerability was found in the XBM   
        image decoder (ReadXBMImage) allows an attacker to write   
        controlled data past the allocated heap buffer when   
        processing a maliciously crafted image file.   
        Any operation that reads or identifies an image can   
        trigger the overflow, making it exploitable via common   
        image upload and processing pipelines.   
      * Fix CVE-2026-23952 (Closes: 1126077)   
        NULL pointer dereference was found in MSL parser via    
        tag before image load   
   Checksums-Sha1:   
    ac3ad08b76340e88e557fe15be92a857b53119aa 5136 imagemagick_7.1.1   
   43+dfsg1-1+deb13u5.dsc   
    103af0af388a733c043845b228cf3031c16d859b 10501740 imagemagick_7   
   1.1.43+dfsg1.orig.tar.xz   
    0ecd87899c9b8a8daa1b832d09b6e1977c050f97 290680 imagemagick_7.1   
   1.43+dfsg1-1+deb13u5.debian.tar.xz   
    634f6313201071dff90afc18205fa7eb4bbfd82a 8270 imagemagick_7.1.1   
   43+dfsg1-1+deb13u5_source.buildinfo   
   Checksums-Sha256:   
    8cc5522d20d13c8aefd519b8154adabd57d45e77a6e4d41dad53e41dd6270282 5136   
   imagemagick_7.1.1.43+dfsg1-1+deb13u5.dsc   
    bcb4f3c78a930a608fa4889f889edbcb384974246ad9407fce1858f2c0607bfe 10501740   
   imagemagick_7.1.1.43+dfsg1.orig.tar.xz   
    a73149ec1064a299323306cf9a86392b4789735c3e47012c50315f19320a36ef 290680   
   imagemagick_7.1.1.43+dfsg1-1+deb13u5.debian.tar.xz   
    f12abe74e2ff6579c640a2d3722b288ee792af25e66e7feb86a53dd644689ae7 8270   
   imagemagick_7.1.1.43+dfsg1-1+deb13u5_source.buildinfo   
   Files:   
    6d1eb54ae9fd214a01f7d76568d2c172 5136 graphics optional imagema   
   ick_7.1.1.43+dfsg1-1+deb13u5.dsc   
    01cfb13a7c1813afb50790e431358c6c 10501740 graphics optional ima   
   emagick_7.1.1.43+dfsg1.orig.tar.xz   
    d1e748754f5be8e0b543d484b0d60942 290680 graphics optional image   
   agick_7.1.1.43+dfsg1-1+deb13u5.debian.tar.xz   
    8b5779309c9496adb24040b5fe0ba976 8270 graphics optional imagema   
   ick_7.1.1.43+dfsg1-1+deb13u5_source.buildinfo   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmlzocwACgkQADoaLapB   
   CF/9SA/+L87y2EH+5zh0Ya4jwO/JlqiKfkssx8+ryr+uppzoj1c3TwS74cGW1/RH   
   gEvzXD9Rp9wLlHg5ShOfRCgWHDM21D3D+a0XBqReDLP2bLQNOkoExZwJOgD1fltP   
   0BPOM/xnJk+dCHKakHhIi4Pbv2g+g9nGdKH1Ui+6DItDON+POfwyYZb+8ZiV9FBO   
   sMiQe2SlO8l5UlOW6Xh7TgZdvdlIMFRqaHosZkAuZ2RVZGohrqQxL7xJ/RbzafP6   
   GupX86vA1/5ahoy5Qk5s7FM19H6ReqRqkTlMvfZ9dc8K40MG41yVefJooFzN02Hf   
   SuD1ZL4Ia4mE5wOvyIhP0Qg4Mkot3eKFaszFh02wnH2v0em79hOGxKtAbGQmtcH3   
   jxy+5PiL4D8qpnAvvmo2ZaH3J8f6INrv5T9u/vD6sh+ESueNEroxVSzdwQG3eEAt   
   KtvRnyJg4lbTaqpaYnCbAwrHDqnovk6B2qVyIXJvUxALl8tbXa1YJ8Xa+n6hWZ/8   
   Vcb/F7ozPqqFRcFE9xc30ys1uBzin9V/4HaKyXWguUDb/ZsUDDGwssZW5hIuieV/   
   sc7OxyAo7TZwXvEQ/uVP5ZCGodZOIgRV5A2IXnRkcW/OHBCa4XFQUMH8dEmToBip   
   YN3WwdWfVKbBWRZQJJxFS8dXSltKfJhrb6kAYbjSbGIk5FDyxoY=   
   =eDTl   
   -----END PGP SIGNATURE-----   
      
      
   --==============‰71970651123693762=Content-Type: application/pgp-signature   
      
   -----BEGIN PGP SIGNATURE-----   
      
   iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaXurPwAKCRCb9qggYcy5   
   IeCRAQDpXy8W4ng37khYGrHTnWRJq6Jlb/bS+19BaOshdw6YXgD/QJ7vQJ3fxenx   
   V5tGFZs3mNv9w51VkL6zvNXxu9WD8AE=yW+H   
   -----END PGP SIGNATURE-----   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca