From 5b0c46c512f525eb94c779fe2996fe063472be83 Mon Sep 17 00:00:00 2001 From: wang_yue111 <648774160@qq.com> Date: Tue, 25 May 2021 14:55:05 +0800 Subject: [PATCH] Fix CVE-2020-27769 (cherry picked from commit d62d86759be2c43ae3cc2904a502852251443485) --- CVE-2020-27769.patch | 36 ++++++++++++++++++++++++++++++++++++ ImageMagick.spec | 6 +++++- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 CVE-2020-27769.patch diff --git a/CVE-2020-27769.patch b/CVE-2020-27769.patch new file mode 100644 index 0000000..0a847db --- /dev/null +++ b/CVE-2020-27769.patch @@ -0,0 +1,36 @@ +From d6f3c03cf55c98da87e547882379a85ce2b3dc81 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Fri, 11 Oct 2019 20:21:42 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1740 + +--- + magick/quantize.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/magick/quantize.c b/magick/quantize.c +index 0f963b4..b6c1645 100644 +--- a/magick/quantize.c ++++ b/magick/quantize.c +@@ -2293,8 +2293,8 @@ MagickExport MagickBooleanType PosterizeImageChannel(Image *image, + const ChannelType channel,const size_t levels,const MagickBooleanType dither) + { + #define PosterizeImageTag "Posterize/Image" +-#define PosterizePixel(pixel) (Quantum) (QuantumRange*(MagickRound( \ +- QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1)) ++#define PosterizePixel(pixel) ClampToQuantum((MagickRealType) QuantumRange*( \ ++ MagickRound(QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1)) + + CacheView + *image_view; +@@ -3342,7 +3342,7 @@ static MagickBooleanType SetGrayscaleImage(Image *image) + } + (void) memset(colormap_index,0,extent*sizeof(*colormap_index)); + for (i=0; i < (ssize_t) image->colors; i++) +- image->colormap[i].opacity=(unsigned short) i; ++ image->colormap[i].opacity=(Quantum) i; + qsort((void *) image->colormap,image->colors,sizeof(PixelPacket), + IntensityCompare); + colormap=(PixelPacket *) AcquireQuantumMemory(image->colors, +-- +2.23.0 + diff --git a/ImageMagick.spec b/ImageMagick.spec index b1c4014..6c1af7b 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -1,7 +1,7 @@ Name: ImageMagick Epoch: 1 Version: 6.9.10.67 -Release: 23 +Release: 24 Summary: Create, edit, compose, or convert bitmap images License: ImageMagick and MIT Url: http://www.imagemagick.org/ @@ -57,6 +57,7 @@ Patch0047: CVE-2019-18853.patch Patch0048: CVE-2020-27752.patch Patch0049: CVE-2021-20309.patch Patch0050: CVE-2021-20311-20312-20313.patch +Patch0051: CVE-2020-27769.patch BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel @@ -214,6 +215,9 @@ rm PerlMagick/demo/Generic.ttf %{_libdir}/pkgconfig/ImageMagick++* %changelog +* Tue May 25 2021 wangyue - 6.9.10.67-24 +- Fix CVE-2020-27769 + * Thu May 20 2021 wangyue - 6.9.10.67-23 - Fix CVE-2021-20309 CVE-2021-20311 CVE-2021-20312 CVE-2021-20313 -- Gitee