From 5b0c46c512f525eb94c779fe2996fe063472be83 Mon Sep 17 00:00:00 2001
From: wang_yue111 <648774160@qq.com>
Date: Tue, 25 May 2021 14:55:05 +0800
Subject: [PATCH] Fix CVE-2020-27769

(cherry picked from commit d62d86759be2c43ae3cc2904a502852251443485)
---
 CVE-2020-27769.patch | 36 ++++++++++++++++++++++++++++++++++++
 ImageMagick.spec     |  6 +++++-
 2 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-27769.patch

diff --git a/CVE-2020-27769.patch b/CVE-2020-27769.patch
new file mode 100644
index 0000000..0a847db
--- /dev/null
+++ b/CVE-2020-27769.patch
@@ -0,0 +1,36 @@
+From d6f3c03cf55c98da87e547882379a85ce2b3dc81 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Fri, 11 Oct 2019 20:21:42 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1740
+
+---
+ magick/quantize.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/magick/quantize.c b/magick/quantize.c
+index 0f963b4..b6c1645 100644
+--- a/magick/quantize.c
++++ b/magick/quantize.c
+@@ -2293,8 +2293,8 @@ MagickExport MagickBooleanType PosterizeImageChannel(Image *image,
+   const ChannelType channel,const size_t levels,const MagickBooleanType dither)
+ {
+ #define PosterizeImageTag  "Posterize/Image"
+-#define PosterizePixel(pixel) (Quantum) (QuantumRange*(MagickRound( \
+-  QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1))
++#define PosterizePixel(pixel) ClampToQuantum((MagickRealType) QuantumRange*( \
++  MagickRound(QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1))
+ 
+   CacheView
+     *image_view;
+@@ -3342,7 +3342,7 @@ static MagickBooleanType SetGrayscaleImage(Image *image)
+     }
+   (void) memset(colormap_index,0,extent*sizeof(*colormap_index));
+   for (i=0; i < (ssize_t) image->colors; i++)
+-    image->colormap[i].opacity=(unsigned short) i;
++    image->colormap[i].opacity=(Quantum) i;
+   qsort((void *) image->colormap,image->colors,sizeof(PixelPacket),
+     IntensityCompare);
+   colormap=(PixelPacket *) AcquireQuantumMemory(image->colors,
+-- 
+2.23.0
+
diff --git a/ImageMagick.spec b/ImageMagick.spec
index b1c4014..6c1af7b 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -1,7 +1,7 @@
 Name:           ImageMagick
 Epoch:          1
 Version:        6.9.10.67
-Release:        23
+Release:        24
 Summary:        Create, edit, compose, or convert bitmap images
 License:        ImageMagick and MIT
 Url:            http://www.imagemagick.org/
@@ -57,6 +57,7 @@ Patch0047:      CVE-2019-18853.patch
 Patch0048:      CVE-2020-27752.patch
 Patch0049:      CVE-2021-20309.patch
 Patch0050:      CVE-2021-20311-20312-20313.patch
+Patch0051:      CVE-2020-27769.patch
 
 BuildRequires:  bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
 BuildRequires:  libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@@ -214,6 +215,9 @@ rm PerlMagick/demo/Generic.ttf
 %{_libdir}/pkgconfig/ImageMagick++*
 
 %changelog
+* Tue May 25 2021 wangyue <wangyue92@huawei.com> - 6.9.10.67-24
+- Fix CVE-2020-27769
+
 * Thu May 20 2021 wangyue <wangyue92@huawei.com> - 6.9.10.67-23
 - Fix CVE-2021-20309 CVE-2021-20311 CVE-2021-20312 CVE-2021-20313
 
-- 
Gitee