[CLSA-2026:1782909114] ImageMagick: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-01 12:32:10 UTC
Description:
- CVE-2026-33901: out-of-bounds heap write in the MVG decoder (RenderMVGContent) when copying oversized gradient/pattern bodies into the token buffer - CVE-2026-33908: stack exhaustion via uncontrolled recursion in DestroyXMLTree when freeing a deeply nested XML document
Updated packages:
  • ImageMagick-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:bb707be227ae811bcdf7da99b80ead07f9628295e191f529fe14c89ef22d148d
  • ImageMagick-c++-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:07245c738c290001aa0ef1a1e9caa0b572332e6de28aa91de00e2f766d267692
  • ImageMagick-c++-devel-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:ee9085f3b1e28a0632cbe06edd0f8d189a66c9f0767113fc61ddb0e482036470
  • ImageMagick-devel-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:a910790c2a67445c73e7239ceeb914193fc220e588246985e48b735aae1dae88
  • ImageMagick-djvu-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:35296ff0f43b2d48af5b23674d52b0c932bd4bfb562eb636cff5791925441a4d
  • ImageMagick-doc-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:2e0f12328ecbc38e0a2b136707f4439614cbe002f28647983522232b3f98f944
  • ImageMagick-libs-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:0bcaaee8f4dc00571327d69de36350b470c71e9b12db0a4ad46fdfba00824841
  • ImageMagick-perl-6.9.13.25-1.el8_4.tuxcare.els34.x86_64.rpm
    sha:8cf41aa821b7136e2cac69ea602426304d6974e2757e7e0dca6cd211de5cd16b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.