Updated graphicsmagick packages fix security vulnerabilities
Publication date: 07 May 2026Modification date: 07 May 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-26284 , CVE-2026-33535
Description
ImageMagick has a heap overflow in the pcd decoder that leads to an out
of bounds read. (CVE-2026-26284)
ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display
interaction. (CVE-2026-33535)
References
- https://bugs.mageia.org/show_bug.cgi?id=35408
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BMSWBU7XGK6MZYTE62GVV7BFJIH6PSZU/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NPVKK6XVDNZQVOOYGCEQVGQHUWYX64EY/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33535
SRPMS
9/core
- graphicsmagick-1.3.40-1.5.mga9
9/tainted
- graphicsmagick-1.3.40-1.5.mga9.tainted