Your message dated Sat, 03 Jan 2026 19:56:18 +0000
with message-id <[email protected]>
and subject line Bug#1122827: fixed in imagemagick 8:6.9.11.60+dfsg-1.6+deb12u5
has caused the Debian Bug report #1122827,
regarding imagemagick: CVE-2025-65955
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1122827: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122827
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: imagemagick
Version: 8:7.1.2.8+dfsg1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for imagemagick.
CVE-2025-65955[0]:
| ImageMagick is free and open-source software used for editing and
| manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there
| is a vulnerability in ImageMagick’s Magick++ layer that manifests
| when Options::fontFamily is invoked with an empty string. Clearing a
| font family calls RelinquishMagickMemory on _drawInfo->font, freeing
| the font string but leaving _drawInfo->font pointing to freed memory
| while _drawInfo->family is set to that (now-invalid) pointer. Any
| later cleanup or reuse of _drawInfo->font re-frees or dereferences
| dangling memory. DestroyDrawInfo and other setters (Options::font,
| Image::font) assume _drawInfo->font remains valid, so destruction or
| subsequent updates trigger crashes or heap corruption. This
| vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-65955
https://www.cve.org/CVERecord?id=CVE-2025-65955
[1]
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q3hc-j9x5-mp9m
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.11.60+dfsg-1.6+deb12u5
Done: Bastien Roucariès <[email protected]>
We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastien Roucariès <[email protected]> (supplier of updated imagemagick package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 30 Dec 2025 17:36:07 +0100
Source: imagemagick
Architecture: source
Version: 8:6.9.11.60+dfsg-1.6+deb12u5
Distribution: bookworm
Urgency: medium
Maintainer: ImageMagick Packaging Team
<[email protected]>
Changed-By: Bastien Roucariès <[email protected]>
Closes: 1118340 1122584 1122827
Changes:
imagemagick (8:6.9.11.60+dfsg-1.6+deb12u5) bookworm; urgency=medium
.
* Fix CVE-2025-62171 (Closes: #1118340)
Integer Overflow in BMP Decoder (ReadBMP):
CVE-2025-57803 claims to be patched, but the fix is incomplete
and ineffective.
.
The patch added BMPOverflowCheck() but placed it
after the overflow occurs, making it useless.
A malicious 58-byte BMP file can trigger AddressSanitizer
crashes and DoS.
* Fix CVE-2025-65955 (Closes: #1122827)
A vulnerability was found in ImageMagick’s Magick++ layer that
manifests when Options::fontFamily is invoked with an empty
string. Clearing a font family calls RelinquishMagickMemory on
_drawInfo->font, freeing the font string but leaving _drawInfo->font
pointing to freed memory while _drawInfo->family is set to that
(now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font
re-frees or dereferences dangling memory. DestroyDrawInfo and other
setters (Options::font, Image::font) assume _drawInfo->font remains
valid, so destruction or subsequent updates trigger crashes or heap
corruption
* Fix CVE-2025-66628 (Closes: #1122584)
The TIM (PSX TIM) image parser contains a critical integer overflow
vulnerability in its ReadTIMImage function (coders/tim.c). The code
reads width and height (16-bit values) from the file header and
calculates image_size = 2 * width * height without checking for
overflow. On 32-bit systems (or where size_t is 32-bit), this
calculation can overflow if width and height are large (e.g., 65535),
wrapping around to a small value
* Fix CVE-2025-68469
ImageMagick crashes when processing a crafted TIFF file.
* Fix CVE-2025-68618:
Magick's failure to limit the depth of SVG file reads caused
a DoS attack.
* Fix CVE-2025-68950:
Magick's failure to limit MVG mutual references forming a loop
* Fix CVE-2025-69204:
Converting a malicious MVG file to SVG caused an integer overflow.
Checksums-Sha1:
4892c76966cf497f9d9614246f1877c373ef506f 5106
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.dsc
824a63dce5e54bd8b78077d671d8ab06300a8848 9395144
imagemagick_6.9.11.60+dfsg.orig.tar.xz
76f738497c6a2355532d9295143c2d40c7f86c71 278516
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.debian.tar.xz
def8d10587958ceb259a9cfcf024828e29e4467b 8249
imagemagick_6.9.11.60+dfsg-1.6+deb12u5_source.buildinfo
Checksums-Sha256:
c2f8aa0015d7994d71ba16f36e06462bc058a0c0e93ab6b8bf1c0eafde846429 5106
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.dsc
472fb516df842ee9c819ed80099c188463b9e961303511c36ae24d0eaa8959c4 9395144
imagemagick_6.9.11.60+dfsg.orig.tar.xz
15aee54902aae6614974ebf739dd69b494dda4d10b1ce2ce8a20042133070845 278516
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.debian.tar.xz
0d262edb299bb71e0f566a9cf48fb938ac9aad83240b1141092c0f348c3b1176 8249
imagemagick_6.9.11.60+dfsg-1.6+deb12u5_source.buildinfo
Files:
0696c47514d8317c773dd19501680c7d 5106 graphics optional
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.dsc
8b8f7b82bd1299cf30aa3c488c46a3cd 9395144 graphics optional
imagemagick_6.9.11.60+dfsg.orig.tar.xz
38d89e5738983c366f3517fd2147bb7a 278516 graphics optional
imagemagick_6.9.11.60+dfsg-1.6+deb12u5.debian.tar.xz
ba98da587ae674b1b539f129ef63e45e 8249 graphics optional
imagemagick_6.9.11.60+dfsg-1.6+deb12u5_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmlZBVIACgkQADoaLapB
CF/Pkg/6Anh0tMDLB0J7ILjm7xVDvSZp1KKksstmPsBTZOkgGXrQWWOJsP3UJcxD
YdeZF8D2H7FaetUjHiW3lf9NVzH6I3J9gCdCHOBKIKu0aGMJcJ+aWK4W+bccxMpv
N8jLlWltqADL0riS017udXsZwqOjeCD8cGEd+QIOzeIgNZjW4a8IKTkMIFlGg5iy
5nZdPRf0iP+CDe/3FgUMHClGzznmvFpAmss4mEbWf3MreQ/xRd1nl8OQ9AvvF/8R
tPJauB7ZsOqmWJd2x76jMjEZtFwD6Gst1dyAt+cNmYSyIhRJAWoHX2GvrSLAywQS
gk5FTkiUg0SfUXWmnvBSLplV53nmLnV1OyrIPkK7ke4fYObsso65l67Ye0t1uTfj
M4Tc3N7SxlA5UUxWBgHu0sufXvScihw9q9rV3WnPe7evgl7dsovCgQQFcl1MY168
US7ep/3SET4AzJO7qahW7Yp+yvLbyPxGCXw/sYJYdyjd9NvybxImbCS4KGvg5ov7
hKjHueRUcrpWtPQsC4eWnO1yHHx4wy+H4X9Z0y8ExqNaZpi4PJxXsdCoO0aojn21
iXsMzLWqxOPkkolPBttMy1UvjXHp8gLSbpO8sLeFmzd2ZQhZpTO0OAJowzy7onyt
CKG1dqCbV5Au7+JTPhZ/7+FR1t8UuKqG44kHYptLIq5hhN/Xm/g=
=Wtsy
-----END PGP SIGNATURE-----
pgpKx3Wu26SEC.pgp
Description: PGP signature
--- End Message ---
