[CLSA-2026:1782909743] ImageMagick: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-01 12:42:40 UTC
Description:
- CVE-2026-33901: out-of-bounds heap write in the MVG decoder (RenderMVGContent) when copying oversized gradient/pattern bodies into the token buffer - CVE-2026-33908: stack exhaustion via uncontrolled recursion in DestroyXMLTree when freeing a deeply nested XML document
Updated packages:
  • ImageMagick-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:41f1423ffa3b78d277aa74dc7e202fbbcb77bf67d12c2af1c65600ecb3f6175c
  • ImageMagick-c++-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:b31f140780092b8e4971cfca8cba484992340ddd7ec6b0aa518b7fa8504d2e5e
  • ImageMagick-c++-devel-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:e5f54e9789fe6871cdf9ccfcf9012eef34c739cddd6bb314b554a136facf4462
  • ImageMagick-devel-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:792521f5764d93aff90afaeeb284b052bcc68a74eafc58768d00adb9da418703
  • ImageMagick-djvu-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:215bc82eb644c28a8c846652e16f21bb39246d26e8fea18e6d1e8a5a861dbf72
  • ImageMagick-doc-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:c608f3296bec77463b69eb18bac257d1ef9c1996865dd6b7ecb270bfd054170d
  • ImageMagick-libs-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:5241d8a486e5fe994be5bcc43e5340fe6c9a6fa60d6058220b9a33a081b534bc
  • ImageMagick-perl-6.9.13.25-1.el8.tuxcare.els34.x86_64.rpm
    sha:6551f21bb0ed428faaffafdc3c31a51771adbc6ee204b22c77bfc947abddfb04
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.