Release date:
2026-07-08 15:51:26 UTC
Description:
- CVE-2026-46522: add the missing length==0 checks to the MIFF
decoder BZ2/LZMA/zlib decompression paths to reject empty
compressed chunks and prevent an infinite loop (CPU exhaustion)
on crafted files
- CVE-2026-46523: mark the MSL coder as not supporting direct blob
I/O (entry->blob_support=MagickFalse in RegisterMSLImage) to
prevent a heap-use-after-free triggered by a crafted MSL image
Updated packages:
-
ImageMagick-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:9208c31774b88fdb73c904d36c0c128d90e4c1d8ca58bc6be7889ddf559c99c8
-
ImageMagick-c++-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:857bf39073c9e275f6e2f04b8162ee50212fec8846ef294ccf62356eed0afe57
-
ImageMagick-c++-devel-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:d75caed386e1aa5b0e7ee2675ae3dbc17a3dd9ef830d3f6c44381b2451a7524d
-
ImageMagick-devel-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:1d2f0012a93dac191a2080a616269b4edcb5e6b92d00e90c90c384190691d3d3
-
ImageMagick-djvu-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:37f8e54d894ac2007e9f108979ddc9ba4d112af1766b2e37a186e0d66ef51c04
-
ImageMagick-doc-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:73cfb0114d3afc7270eae29d1f8b245a0cb3186ac746e3e412ca40a0430476e6
-
ImageMagick-libs-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:13da07cdc83eae0b933ec56efe2c56954cc3784ea490834a57dd8112fee010a6
-
ImageMagick-perl-6.9.13.25-1.el9_6.tuxcare.els13.x86_64.rpm
sha:e8096a307d5c3fde61783c5b98d7914a53d631cb92300b662ccd1acd4a152d09
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.