Debian Quality Assurance

imagemagick (8:7.1.2.3+dfsg1-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

• Git: https://salsa.debian.org/debian/imagemagick.git
• JSON
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: debian/lastest
• Path: debian/changelog
• Repo size: 132476928
• Browser: https://salsa.debian.org/debian/imagemagick
• Last scan: 2025-09-10 17:32:13+00
• Next scan: 2025-09-18 17:14:00+00
• Merge requests: 1
• CI pipeline status: failed
• Debian changelog in Git:

  imagemagick (8:7.1.2.3+dfsg1-1) unstable; urgency=medium
  
    * New upstream version.
    * Fix CVE-2025-55212:
      Passing a geometry string containing only a colon (":") to montage
      -geometry leads GetGeometry() to set width/height to 0. Later,
      ThumbnailImage() divides by these zero dimensions, triggering
      a crash (SIGFPE/abort), resulting in a denial of service
      (Closes: #1111587)
    * Fix CVE-2025-55298:
      A format string bug vulnerability exists in InterpretImageFilename
      function where user input is directly passed to FormatLocaleString
      without proper sanitization. An attacker can overwrite arbitrary
      memory regions, enabling a wide range of attacks from heap overflow
      to remote code execution.
      (Closes: #1111586)
    * Fix CVE-2025-57803:
      A 32-bit integer overflow in the BMP encoder’s scanline-stride
      computation collapses bytes_per_line (stride) to a tiny value while
      the per-row writer still emits 3 × width bytes for 24-bpp images.
      The row base pointer advances using the (overflowed) stride,
      so the first row immediately writes past its slot
      and into adjacent heap memory with attacker-controlled bytes.
      (Closes: #1112469)
    * Fix CVE-2025-57807:
      ImageMagick versions include insecure functions: SeekBlob(),
      which permits advancing the stream offset beyond the current end without
      increasing capacity, and WriteBlob(), which then expands by
      quantum + length (amortized) instead of offset + length, and copies
      to data + offset. When offset ≫ extent, the copy targets memory
      beyond the allocation, producing a deterministic heap write
      on 64-bit builds
      (Closes: #1114520)
  
   -- Bastien Roucariès <rouca@debian.org>  Sat, 06 Sep 2025 01:44:14 +0200

• This branch is even with tag debian/8%7.1.2.3+dfsg1-1

Package: JSON [Main page]

---

Back to the Debian Project homepage.

---