SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-938

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-938

Security update for GraphicsMagick

Type: security

Severity: important

Issued: 2026-03-20

Description:

This update for GraphicsMagick fixes the following issues:

- CVE-2026-28691: missing check in the JBIG decoder can lead to an uninitialized pointer dereference (bsc#1259455).
- CVE-2026-30883: missing bounds check when encoding a PNG image can lead to a heap buffer over-write (bsc#1259467).

References

CVE: CVE-2026-30883
CVE: CVE-2026-28691
Bugzilla: 1259467 VUL-0: CVE-2026-30883: ImageMagick,GraphicsMagick: missing bounds check when encoding a PNG image can lead to a heap buffer over-write
Bugzilla: 1259455 VUL-0: CVE-2026-28691: ImageMagick,GraphicsMagick: missing check in the JBIG decoder can lead to an uninitialized pointer dereference

Packages

GraphicsMagick-1.3.42-150600.3.15.1