Release date:
2026-06-16 10:34:30 UTC
Description:
- CVE-2026-45358: off-by-one out-of-bounds read in the meta (8BIM/IPTC) encoder
- CVE-2026-46559: heap buffer over-write of a single byte in the JP2 encoder
- CVE-2026-49218: missing dimension check in the DCM decoder (zero rows/columns)
- CVE-2026-53461: heap buffer over-write in the ICON decoder due to an incorrect loop bound
- CVE-2026-53463: NULL pointer dereference in the distort operation on missing arguments
- CVE-2026-53460: missing maximum-memory-request check in AcquireAlignedMemory
- CVE-2026-46692: heap buffer over-write in the distributed pixel cache server
- CVE-2026-46693: file-descriptor hijacking race in the distributed pixel cache server
- CVE-2026-47166: heap buffer over-read in the distributed pixel cache server
Updated packages:
-
ImageMagick-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:d623c23de4e8da429ba23c970db1d1a9cceb203473fb9d735785ce6765d3716d
-
ImageMagick-c++-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:17d5670ddfd6df841d69eb251e05e52d003b5e7518233e86b206501d0f61ca60
-
ImageMagick-c++-devel-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:a479fa0a60970ef3f5656ae49745c003f0b027a4b8c9721a18afb516ef1475e9
-
ImageMagick-devel-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:93db9f288769d1b7c8679bfc88108b78e4cb64ed091f62f775e7bfe8f38b21c6
-
ImageMagick-djvu-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:dce06aabbc6b2ab410041283ab65156210d5d7187d25297457b2abd47f0d1ce5
-
ImageMagick-doc-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:2f879a51a082ccc2f2f6665183335045ecb7bf23ec87f5f2cdea10c322b04e90
-
ImageMagick-libs-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:c0b7c64d29d6650d794b0365d9ac45c7a2c857cb00a8c2dfab3a6e371b4997f2
-
ImageMagick-perl-6.9.13.25-1.el8_5.tuxcare.els32.x86_64.rpm
sha:27ddf2c66591d9fef20411631f38148781a05dd187c29abc7850f959ddfb5f1c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.