Debian 10260 Published by

Debian GNU/Linux 10 (Buster) Extended LTS has received an ImageMagick update to fix a regression that the previous update introduced:

ELA-1133-2 imagemagick regression update




ELA-1133-2 imagemagick regression update

Package : imagemagick
Version : 8:6.9.10.23+dfsg-2.1+deb10u9 (buster)

Related CVEs :
CVE-2023-34151

The Imagemagick security update issued as ELA 1133-1 addressed the
vulnerability identified by CVE-2023-34151. The fix for that CVE introduced a
regression.

A Magick Vector Graphics file including a pattern operator could return an
incorrect bounding box, and thus generate a corrupted pattern.

ELA-1133-2 imagemagick regression update