Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2026:0061-1

Опубликовано: 07 янв. 2026
Источник: suse-cvrf

Описание

Security update for ImageMagick

This update for ImageMagick fixes the following issues:

  • CVE-2025-68618: read a malicious SVG file may result in a DoS attack (bsc#1255821).
  • CVE-2025-68950: check for circular references in mvg files may lead to stack overflow (bsc#1255822).
  • CVE-2025-69204: an integer overflow can lead to a DoS attack (bsc#1255823).

Список пакетов

openSUSE Leap 15.6
ImageMagick-7.1.1.21-150600.3.35.1
ImageMagick-config-7-SUSE-7.1.1.21-150600.3.35.1
ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.35.1
ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.35.1
ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.35.1
ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.35.1
ImageMagick-devel-7.1.1.21-150600.3.35.1
ImageMagick-devel-32bit-7.1.1.21-150600.3.35.1
ImageMagick-doc-7.1.1.21-150600.3.35.1
ImageMagick-extra-7.1.1.21-150600.3.35.1
libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.35.1
libMagick++-7_Q16HDRI5-32bit-7.1.1.21-150600.3.35.1
libMagick++-devel-7.1.1.21-150600.3.35.1
libMagick++-devel-32bit-7.1.1.21-150600.3.35.1
libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.35.1
libMagickCore-7_Q16HDRI10-32bit-7.1.1.21-150600.3.35.1
libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.35.1
libMagickWand-7_Q16HDRI10-32bit-7.1.1.21-150600.3.35.1
perl-PerlMagick-7.1.1.21-150600.3.35.1

Ссылки

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.

Затронутые продукты
openSUSE Leap 15.6:ImageMagick-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-SUSE-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.35.1
Ссылки

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue.

Затронутые продукты
openSUSE Leap 15.6:ImageMagick-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-SUSE-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.35.1
Ссылки

Описание

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.

Затронутые продукты
openSUSE Leap 15.6:ImageMagick-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-SUSE-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.35.1
openSUSE Leap 15.6:ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.35.1
Ссылки