Source: graphicsmagick Version: 1.4+really1.3.46-2 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for graphicsmagick. The information available is only from RedHat bugzilla at time of this writing, might you reach out to upstream to see if they are ware of it? CVE-2026-13606[0]: | Memory corruption via crafted Photo CD (PCD) file If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-13606 https://www.cve.org/CVERecord?id=CVE-2026-13606 [1] https://bugzilla.redhat.com/show_bug.cgi?id=2494107 Please adjust the affected versions in the BTS as needed. Regards, Salvatore

