An update for ImageMagick is now available for openEuler-20.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-1033 Final 1.0 1.0 2026-01-09 Initial 2026-01-09 2026-01-09 openEuler SA Tool V1.0 2026-01-09 ImageMagick security update An update for ImageMagick is now available for openEuler-20.03-LTS-SP4 Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves. Security Fix(es): ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue.(CVE-2025-68618) ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue.(CVE-2025-68950) ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue.(CVE-2025-69204) An update for ImageMagick is now available for openEuler-20.03-LTS-SP4. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium ImageMagick https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1033 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-68618 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-68950 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-69204 https://nvd.nist.gov/vuln/detail/CVE-2025-68618 https://nvd.nist.gov/vuln/detail/CVE-2025-68950 https://nvd.nist.gov/vuln/detail/CVE-2025-69204 openEuler-20.03-LTS-SP4 ImageMagick-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-c++-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-c++-devel-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-debuginfo-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-debugsource-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-devel-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-perl-6.9.13.37-1.oe2003sp4.aarch64.rpm ImageMagick-6.9.13.37-1.oe2003sp4.src.rpm ImageMagick-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-c++-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-c++-devel-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-debuginfo-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-debugsource-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-devel-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-perl-6.9.13.37-1.oe2003sp4.x86_64.rpm ImageMagick-help-6.9.13.37-1.oe2003sp4.noarch.rpm ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, using Magick to read a malicious SVG file resulted in a DoS attack. Version 7.1.2-12 fixes the issue. 2026-01-09 CVE-2025-68618 openEuler-20.03-LTS-SP4 Medium 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L ImageMagick security update 2026-01-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1033 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file will be affected. Version 7.1.2-12 fixes the issue. 2026-01-09 CVE-2025-68950 openEuler-20.03-LTS-SP4 Medium 4.0 AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L ImageMagick security update 2026-01-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1033 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, in the WriteSVGImage function, using an int variable to store number_attributes caused an integer overflow. This, in turn, triggered a buffer overflow and caused a DoS attack. Version 7.1.2-12 fixes the issue. 2026-01-09 CVE-2025-69204 openEuler-20.03-LTS-SP4 Medium 5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L ImageMagick security update 2026-01-09 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1033