Alerts This Week
Warning Icon 1 1,365
Alerts This Week
Warning Icon 1 1,365

openSUSE ImageMagick Important Denial of Service Updates 2026-21071-1

opensuse
Calendar Grey June 30, 2026
Dist Opensuse Esm H88
A critical security update for openSUSE's ImageMagick addresses multiple vulnerabilities affecting image processing.
An update that solves 32 vulnerabilities and has 32 bug fixes can now be installed.

Description

This update for ImageMagick fixes the following issues

Security issues:

- CVE-2026-42050: Stack buffer overflow in XTileImage (bsc#1265048).

- CVE-2026-42326: Information disclosure via malicious IPTC input file (bsc#1268092).

- CVE-2026-45031: Denial of Service due to resource policy bypass in PSD decoder (bsc#1268094).

- CVE-2026-45358: off by one in the meta encoder could result in an out of bounds read of a single byte in the meta

encoder (bsc#1268102).

- CVE-2026-45359: Information Disclosure via Invalid Connected-Components Value (bsc#1268095).

- CVE-2026-45624: Data exposure due to image processing vulnerability (bsc#1268096).

- CVE-2026-45664: Denial of Service due to excessive resource use in MNG coder (bsc#1268101).

- CVE-2026-46520: Denial of Service via out-of-bounds write when processing multiple images (bsc#1268112).

- CVE-2026-46521: out of bounds write can occur due to a missing check when using LZMA compression in the MIFF encoder

(bsc#1268124).

-...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service important information disclosure imagemagick OpenSUSE

Patch

Package List

- openSUSE Leap 16.0:

ImageMagick-7.1.2.0-160000.10.1

ImageMagick-config-7-SUSE-7.1.2.0-160000.10.1

ImageMagick-config-7-upstream-limited-7.1.2.0-160000.10.1

ImageMagick-config-7-upstream-open-7.1.2.0-160000.10.1

ImageMagick-config-7-upstream-secure-7.1.2.0-160000.10.1

ImageMagick-config-7-upstream-websafe-7.1.2.0-160000.10.1

ImageMagick-devel-7.1.2.0-160000.10.1

ImageMagick-doc-7.1.2.0-160000.10.1

ImageMagick-extra-7.1.2.0-160000.10.1

libMagick++-7_Q16HDRI5-7.1.2.0-160000.10.1

libMagick++-devel-7.1.2.0-160000.10.1

libMagickCore-7_Q16HDRI10-7.1.2.0-160000.10.1

libMagickWand-7_Q16HDRI10-7.1.2.0-160000.10.1

perl-PerlMagick-7.1.2.0-160000.10.1

References

* bsc#1265048

* bsc#1265373

* bsc#1268092

* bsc#1268094

* bsc#1268095

* bsc#1268096

* bsc#1268101

* bsc#1268102

* bsc#1268103

* bsc#1268105

* bsc#1268107

* bsc#1268108

* bsc#1268110

* bsc#1268111

* bsc#1268112

* bsc#1268113

* bsc#1268114

* bsc#1268116

* bsc#1268117

* bsc#1268119

* bsc#1268120

* bsc#1268121

* bsc#1268122

* bsc#1268123

* bsc#1268124

* bsc#1268125

* bsc#1268126

* bsc#1268645

* bsc#1268879

* bsc#1268880

* bsc#1269063

* bsc#1269064

References:

* https://www.suse.com/security/cve/CVE-2026-40169.html

* https://www.suse.com/security/cve/CVE-2026-42050.html

* https://www.suse.com/security/cve/CVE-2026-42326.html

* https://www.suse.com/security/cve/CVE-2026-45031.html

* https://www.suse.com/security/cve/CVE-2026-45358.html

* https://www.suse.com/security/cve/CVE-2026-45359.html

* https://www.suse.com/security/cve/CVE-2026-45624.html

* https://www.suse.com/security/cve/CVE-2026-45664.html

* https://www.suse.com/security/cve/CVE-2026-46520.html

* https://www.suse.com/security/cve/CVE-2026-46521.html

*...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21071-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Topics%20covered

Topics Covered

security advisory denial of service important information disclosure imagemagick OpenSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here