Explore top 10 tips to secure your open-source projects now. Read More
×
This update for ImageMagick fixes the following issues
* CVE-2026-53466: integer overflow in the XCF decoder can result in an out-of-
bounds read when a crafted image is read (bsc#1270073).
* CVE-2026-53467: allocated memory left unchanged in the MNG decoder can lead
to a heap information disclosure (bsc#1270074).
* CVE-2026-55594: missing depth check in the MVG decoder will result in a
stack overflow when a crafted image is provided (bsc#1270077).
* CVE-2026-55595: providing invalid arguments to the `connected-components`
option can lead to an infinite loop (bsc#1270079).
* CVE-2026-55597: incorrect handling of arguments can cause a heap buffer
over-write in the JP2 encoder (bsc#1270080).
* CVE-2026-56361: off-by-one error in morphology validation can lead to an
out-of-bounds read (bsc#1270001).
* CVE-2026-56363: integer overflow leading to a division by zero in binomial
kernel processing can cause an application crash (bsc#1270002).
*...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-3053=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-3053=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-3053=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-3053=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-3053=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3053=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch...
Read the Full Advisory* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.96.1
* ImageMagick-devel-7.1.0.9-150400.6.96.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.96.1
* ImageMagick-7.1.0.9-150400.6.96.1
* libMagick++-devel-7.1.0.9-150400.6.96.1
* ImageMagick-debugsource-7.1.0.9-150400.6.96.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.96.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.96.1
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.96.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.96.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.96.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.96.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.96.1
* perl-PerlMagick-7.1.0.9-150400.6.96.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.96.1
* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.96.1
* ImageMagick-extra-debuginfo-7.1.0.9-150400.6.96.1
* ImageMagick-devel-7.1.0.9-150400.6.96.1
*...
Read the Full Advisory* bsc#1268640
* bsc#1268645
* bsc#1268878
* bsc#1268879
* bsc#1268880
* bsc#1269063
* bsc#1269064
* bsc#1270001
* bsc#1270002
* bsc#1270003
* bsc#1270004
* bsc#1270073
* bsc#1270074
* bsc#1270077
* bsc#1270079
* bsc#1270080
## References:
* https://www.suse.com/security/cve/CVE-2026-53466.html
* https://www.suse.com/security/cve/CVE-2026-53467.html
* https://www.suse.com/security/cve/CVE-2026-55594.html
* https://www.suse.com/security/cve/CVE-2026-55595.html
* https://www.suse.com/security/cve/CVE-2026-55597.html
* https://www.suse.com/security/cve/CVE-2026-56361.html
* https://www.suse.com/security/cve/CVE-2026-56363.html
* https://www.suse.com/security/cve/CVE-2026-56364.html
* https://www.suse.com/security/cve/CVE-2026-56365.html
* https://www.suse.com/security/cve/CVE-2026-56367.html
* https://www.suse.com/security/cve/CVE-2026-56368.html
* https://www.suse.com/security/cve/CVE-2026-56370.html
* https://www.suse.com/security/cve/CVE-2026-56371.html
* https://www.suse.com/security/cve/CVE-2026-56376.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.