CLSA-2026-1777542477

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1777542477

Upstream

CVE-2026-28690

Published

2026-04-30T09:48:01Z

Modified

2026-06-04T09:47:11.014404300Z

Summary

Fix CVE(s): CVE-2026-28690

Details

SECURITY UPDATE: stack buffer overflow in MNG/JNG encoder — missing NULL check after ImageToBlob() in WriteOneJNGImage could propagate a NULL blob pointer into later stack buffer operations (GHSA-7h7q-j33q-hvpf).
- debian/patches/CVE-2026-28690.patch: bail out of WriteOneJNGImage when ImageToBlob() returns NULL, destroying jpegimage and jpegimage_info before returning MagickFalse (upstream e6e874875e48dd9838acca3bd22c14a4d2f1b3ca)
- CVE-2026-28690

References

https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2026-1777542477.html

Affected packages

TuxCare:Ubuntu:16.04

imagemagick

Package

Name: imagemagick
Purl: pkg:deb/tuxcare/imagemagick?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

imagemagick-6.q16

Package

Name: imagemagick-6.q16
Purl: pkg:deb/tuxcare/imagemagick-6.q16?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

imagemagick-common

Package

Name: imagemagick-common
Purl: pkg:deb/tuxcare/imagemagick-common?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

imagemagick-doc

Package

Name: imagemagick-doc
Purl: pkg:deb/tuxcare/imagemagick-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libimage-magick-perl

Package

Name: libimage-magick-perl
Purl: pkg:deb/tuxcare/libimage-magick-perl?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libimage-magick-q16-perl

Package

Name: libimage-magick-q16-perl
Purl: pkg:deb/tuxcare/libimage-magick-q16-perl?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagick++-6-headers

Package

Name: libmagick++-6-headers
Purl: pkg:deb/tuxcare/libmagick++-6-headers?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagick++-6.q16-5v5

Package

Name: libmagick++-6.q16-5v5
Purl: pkg:deb/tuxcare/libmagick++-6.q16-5v5?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagick++-6.q16-dev

Package

Name: libmagick++-6.q16-dev
Purl: pkg:deb/tuxcare/libmagick++-6.q16-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagick++-dev

Package

Name: libmagick++-dev
Purl: pkg:deb/tuxcare/libmagick++-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-6-arch-config

Package

Name: libmagickcore-6-arch-config
Purl: pkg:deb/tuxcare/libmagickcore-6-arch-config?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-6-headers

Package

Name: libmagickcore-6-headers
Purl: pkg:deb/tuxcare/libmagickcore-6-headers?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-6.q16-2

Package

Name: libmagickcore-6.q16-2
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-6.q16-2-extra

Package

Name: libmagickcore-6.q16-2-extra
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-2-extra?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-6.q16-dev

Package

Name: libmagickcore-6.q16-dev
Purl: pkg:deb/tuxcare/libmagickcore-6.q16-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickcore-dev

Package

Name: libmagickcore-dev
Purl: pkg:deb/tuxcare/libmagickcore-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickwand-6-headers

Package

Name: libmagickwand-6-headers
Purl: pkg:deb/tuxcare/libmagickwand-6-headers?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickwand-6.q16-2

Package

Name: libmagickwand-6.q16-2
Purl: pkg:deb/tuxcare/libmagickwand-6.q16-2?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickwand-6.q16-dev

Package

Name: libmagickwand-6.q16-dev
Purl: pkg:deb/tuxcare/libmagickwand-6.q16-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

libmagickwand-dev

Package

Name: libmagickwand-dev
Purl: pkg:deb/tuxcare/libmagickwand-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"

perlmagick

Package

Name: perlmagick
Purl: pkg:deb/tuxcare/perlmagick?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8:6.8.9.9-7ubuntu5.17+tuxcare.els45

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1777542477.json"