[CLSA-2026:1782909474] ImageMagick: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-01 12:38:15 UTC
Description:
- CVE-2026-33901: out-of-bounds heap write in the MVG decoder (RenderMVGContent) when copying oversized gradient/pattern bodies into the token buffer - CVE-2026-33908: stack exhaustion via uncontrolled recursion in DestroyXMLTree when freeing a deeply nested XML document
Updated packages:
  • ImageMagick-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:61f00f92be581c776ae797401637c3d83f8be552087d65c05276cd052a2dd894
  • ImageMagick-c++-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:0bde3db5fd5138d3621144f5ee2eed49672b66bb2eee864b32bd948c7bf0b0a0
  • ImageMagick-c++-devel-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:c89f386c3922a94de48b9a01a439b19ad48fc9d7f06c9adea7ef8fb4d05fda0c
  • ImageMagick-devel-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:b8a836ebabba4da3e8c9d8219a26e135d4d155a82300d37733b46e11b831d275
  • ImageMagick-djvu-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:a79832ab71ab81d7b5a67b4b55e583663a1abc2a1be2f1617397fc3b00832694
  • ImageMagick-doc-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:1622c0e2c7422cb0776ed33b310980ea2b56ca02e2542847fe03f75cefd26686
  • ImageMagick-libs-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:1f834e289398e175179c263b1cb409b4e10fde785c90e23dd2feead25dcbed3a
  • ImageMagick-perl-6.9.13.25-1.el8_5.tuxcare.els34.x86_64.rpm
    sha:2fe962384015935d070bfe80489a07c89ca8d5f72ebee914a7ef2fad2fbec5c6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.