Release date:
2026-07-06 13:37:19 UTC
Description:
- CVE-2026-46522: add the missing length==0 checks to the MIFF
decoder BZ2/LZMA/zlib decompression paths to reject empty
compressed chunks and prevent an infinite loop (CPU exhaustion)
on crafted files
- CVE-2026-46523: mark the MSL coder as not supporting direct blob
I/O (entry->blob_support=MagickFalse in RegisterMSLImage) to
prevent a heap-use-after-free triggered by a crafted MSL image
Updated packages:
-
ImageMagick-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:c24c99b299db92b741fe9dd168c11c2ba10a0aae086f5ca5acff36dbb1db0a40
-
ImageMagick-c++-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:691c8aac097552fafa1bba2bbb75e2fbe435c8d9ff9312347a993e583772023f
-
ImageMagick-c++-devel-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:73dc8a1fed843a04394c3a42313914c4b3de7cced71ad6a3f995f42c28c06e82
-
ImageMagick-devel-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:585400649065760170a7e079e566632b27a31e1277d28b6f9c91480bbbe982cc
-
ImageMagick-djvu-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:f0cd98252d18400a7e55a24e0253dafdf90b903c48d3a931206d0547918fad0f
-
ImageMagick-doc-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:ed7c7557941f50f8842f37c92185377d6112a7f18226c8313feb48604a1b5740
-
ImageMagick-libs-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:c32df752bf56c3586c35a73e788aa9ceb4435f9f849a96f7b1b88278510e58e3
-
ImageMagick-perl-6.9.13.25-1.el9_2.tuxcare.els13.x86_64.rpm
sha:6d4ccc1fbfe38d578ecf9648953d5d5b8b759462afecdbd7fcd800c37f019e13
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.