This update for ImageMagick fixes the following issue
- CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely
large images (bsc#1259528).
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-740=1
- openSUSE Leap 16.0:
ImageMagick-7.1.2.0-160000.9.1
ImageMagick-config-7-SUSE-7.1.2.0-160000.9.1
ImageMagick-config-7-upstream-limited-7.1.2.0-160000.9.1
ImageMagick-config-7-upstream-open-7.1.2.0-160000.9.1
ImageMagick-config-7-upstream-secure-7.1.2.0-160000.9.1
ImageMagick-config-7-upstream-websafe-7.1.2.0-160000.9.1
ImageMagick-devel-7.1.2.0-160000.9.1
ImageMagick-doc-7.1.2.0-160000.9.1
ImageMagick-extra-7.1.2.0-160000.9.1
libMagick++-7_Q16HDRI5-7.1.2.0-160000.9.1
libMagick++-devel-7.1.2.0-160000.9.1
libMagickCore-7_Q16HDRI10-7.1.2.0-160000.9.1
libMagickWand-7_Q16HDRI10-7.1.2.0-160000.9.1
perl-PerlMagick-7.1.2.0-160000.9.1
* bsc#1259528
References:
* https://www.suse.com/security/cve/CVE-2026-31853.html
Get the latest Linux and open source security news straight to your inbox.