-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 19 Oct 2025 10:37:32 +0200 Source: imagemagick Binary: imagemagick-7-common imagemagick-7-doc libimage-magick-perl libmagick++-7-headers libmagick++-dev libmagickcore-7-headers libmagickcore-dev libmagickwand-7-headers libmagickwand-dev perlmagick Architecture: all Version: 8:7.1.1.43+dfsg1-1+deb13u3 Distribution: trixie Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Bastien Roucariès Description: imagemagick-7-common - image manipulation programs -- infrastructure imagemagick-7-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libmagick++-7-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-7-headers - low-level image manipulation library - header files libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-7-headers - image manipulation library - headers files libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 1118340 Changes: imagemagick (8:7.1.1.43+dfsg1-1+deb13u3) trixie; urgency=high . * Fix CVE-2025-62171 (Closes: #1118340) Integer Overflow in BMP Decoder (ReadBMP): CVE-2025-57803 claims to be patched, but the fix is incomplete and ineffective. . The patch added BMPOverflowCheck() but placed it after the overflow occurs, making it useless. A malicious 58-byte BMP file can trigger AddressSanitizer crashes and DoS. Checksums-Sha1: 941625ecaced495f6583a3092ec60b87be93085d 69120 imagemagick-7-common_7.1.1.43+dfsg1-1+deb13u3_all.deb 7044bbad45c8028a7636768ff15dfdc243dccdcc 9213640 imagemagick-7-doc_7.1.1.43+dfsg1-1+deb13u3_all.deb 4c8e9fc4707feb6278093352715c62b986cfc5b3 18508 imagemagick_7.1.1.43+dfsg1-1+deb13u3_all-buildd.buildinfo c0db3f1d343072809aea1b245aa972b05b880464 38912 libimage-magick-perl_7.1.1.43+dfsg1-1+deb13u3_all.deb 79e7770b0ad7c92233376dd2ac16f5ae2246772f 47652 libmagick++-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb d2eab503bc3c8a7545122d34e0c833ab4dc67bc9 1188 libmagick++-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb 0796b532a75c932860a15ac227cb1c54a59f28f4 50440 libmagickcore-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb 07d26f4cece70660d12b4a85061437a34eac5dc9 1164 libmagickcore-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb ae8fb3d1b5873a17a8c43229399039ee05dfc434 9868 libmagickwand-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb c9b9d500a18c2f613fb4ec888fdd019488211edd 1144 libmagickwand-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb 7ba5ad66143b150ac53e9d1bd18700ef825005a8 1192 perlmagick_7.1.1.43+dfsg1-1+deb13u3_all.deb Checksums-Sha256: 17c68f676330c79e3cd9026372c02cc893e5c7d1e76b35450e62343ca404cc47 69120 imagemagick-7-common_7.1.1.43+dfsg1-1+deb13u3_all.deb 92d540b9c35d43f2f96431833772c7964c7bcd6e19f82f31e742ac611e6285a8 9213640 imagemagick-7-doc_7.1.1.43+dfsg1-1+deb13u3_all.deb 060750c7b20b49d6df07a92f46b4fdd5de9bae1c3e176fd3f79023de26b2a817 18508 imagemagick_7.1.1.43+dfsg1-1+deb13u3_all-buildd.buildinfo 2e2887f76e724d47838bd119b942763b3133e037cbe78ffc8b06d1f1d1f7bac1 38912 libimage-magick-perl_7.1.1.43+dfsg1-1+deb13u3_all.deb 4824cc2591f026cb89b92b8077a230926090992dd226357fbf8f8afb4513d4cc 47652 libmagick++-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb 26c6fea76d60da4534c0a074d15546e7aca88e73ddddedea9df4f743b360c204 1188 libmagick++-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb e12a68c53698996336383d604a79c3b08984344bb0a33be141af6cc3ffade796 50440 libmagickcore-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb bce8fc02102fd70d70b204d294f4056d35cbf88a3a6c07a6ce163b14b9c10d61 1164 libmagickcore-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb c9e583ed229cb76c82c5e9eca334b3dd18fd1efd694f363cecf4e7f113188bd4 9868 libmagickwand-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb 371df3febc28617e4f55ea20f1c7f1b35638f830075cff5889c2fcf239ad783e 1144 libmagickwand-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb 4e4ab6e647312c7f508518cbb5aac3acebddbd8baeb377f326c0a3fdbe792a63 1192 perlmagick_7.1.1.43+dfsg1-1+deb13u3_all.deb Files: 90da895023dbc3e130a1589a63c95baf 69120 graphics optional imagemagick-7-common_7.1.1.43+dfsg1-1+deb13u3_all.deb fa85657861c040eb7273729e69627f54 9213640 doc optional imagemagick-7-doc_7.1.1.43+dfsg1-1+deb13u3_all.deb 64ad8649bdb2a9119cb8004f0495c33a 18508 graphics optional imagemagick_7.1.1.43+dfsg1-1+deb13u3_all-buildd.buildinfo df2cb7d9b42919e9283762bf88c28700 38912 perl optional libimage-magick-perl_7.1.1.43+dfsg1-1+deb13u3_all.deb 3f8238ac5182f599683adf33d72dda10 47652 libdevel optional libmagick++-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb 4de538723ed41688fb98c7874397b6a5 1188 oldlibs optional libmagick++-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb 42a8344bcca70f91abf00e8810981125 50440 libdevel optional libmagickcore-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb ddc8a095bc7f234b1401215264d38bf9 1164 oldlibs optional libmagickcore-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb bdd2291d816a300e3291ab9652521938 9868 libdevel optional libmagickwand-7-headers_7.1.1.43+dfsg1-1+deb13u3_all.deb 25afce6c1e037088ad589487a3239346 1144 oldlibs optional libmagickwand-dev_7.1.1.43+dfsg1-1+deb13u3_all.deb dfd82b2bb2121c234aef8e293bbd565e 1192 oldlibs optional perlmagick_7.1.1.43+dfsg1-1+deb13u3_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEj4Fym5GgeZdPqKhrJm69HxMTN+oFAmkHTzoACgkQJm69HxMT N+qHERAAivkbuWE3b33+w1cWNnVY4qReCzVIBiB1WnK8KQKygo1mh7tjkcH6DpLk n/nWJjorMBugEQ6x25eTGRhOK/v3Tys6b/U9aJO2jt+GZrUrgTmCUAW5a2gDhm/P 2n9u7SO+OMh4Xd7i2FncO7tLHOGQoOYPFGQxGf0Py4N6mrWhm8EVKXtWJbwPtfjN X2BnCoN3QPr5oWDEvUF1DuXUE/oyCRn2XR5npFHrgnu1fhXci1M4Bn6VvLXmIiXP GsSHeOhqL6yh2f8T60uLUcKcqWc0LD4ol5qLdY3V6Pg2A45eGc14zcKoWPZ4b8uP fk/EmiqsSOfMhHdCjM2Vf0U4ymN/JMGwuEMfuPwbIRZs7biX8hVFwr/l1esVO2st gL38GDup7X+LV2gRoEAofIoSfvQmhswhg2w32p28lywWsjSd+i1zhu7qeh/xfjSy cP4ComKaKW+JvmOEoo5cJGEPuEO1LPgcub7eQX3RWUmPubNpWbc7Upb50mY6xXf3 x2xxyrsER4HpK+L/bZeBI3JOobqIE/03fWTeYfx7I+J43zElKiZoSurA2KdvoCiy gkz4dQOrIxc8Hhnp2jlLRJ+orJAFowAGzfSwyfKGGSBmnpimGYYXWBmXi5o+7rs7 HgCPXdSw3v4xZAB315XNNdOdSewFlIF5jVw3LcrDThSQAzc7d5A= =AKGX -----END PGP SIGNATURE-----