diff --git a/CVE-2018-16329.patch b/CVE-2018-16329.patch new file mode 100644 index 0000000000000000000000000000000000000000..54f8dbf1dba874868c3c86ac402e76c0880c9ca4 --- /dev/null +++ b/CVE-2018-16329.patch @@ -0,0 +1,70 @@ +From 5bf7ff59c8ada957d6a681a0a2cc29f3813ad4bc Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Wed, 1 Apr 2020 19:14:12 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1225 + +--- + magick/property.c | 12 ++++++++++++ + 1 files changed, 12 insertions(+) + +diff --git a/magick/property.c b/magick/property.c +index 4fd7e9d..4c09e40 100644 +--- a/magick/property.c ++++ b/magick/property.c +@@ -2526,6 +2526,13 @@ MagickExport const char *GetImageProperty(const Image *image, + static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + Image *image,const char letter) + { ++#define WarnNoImageInfoReturn(format,arg) \ ++ if (image_info == (ImageInfo *) NULL ) { \ ++ (void) ThrowMagickException(&image->exception,GetMagickModule(), \ ++ OptionWarning,"NoImageInfoForProperty",format,arg); \ ++ return((const char *) NULL); \ ++ } ++ + char + value[MaxTextExtent]; + +@@ -2658,6 +2665,7 @@ static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + /* + Output Filename - for delegate use only + */ ++ WarnNoImageInfoReturn("\"%%%c\"",letter); + string=image_info->filename; + break; + } +@@ -2702,6 +2710,7 @@ static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + /* + Image scene number. + */ ++ WarnNoImageInfoReturn("\"%%%c\"",letter); + if (image_info->number_scenes != 0) + (void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double) + image_info->scene); +@@ -2723,6 +2732,7 @@ static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + /* + Unique filename. + */ ++ WarnNoImageInfoReturn("\"%%%c\"",letter); + string=image_info->unique; + break; + } +@@ -2883,6 +2893,7 @@ static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + /* + Image scenes. + */ ++ WarnNoImageInfoReturn("\"%%%c\"",letter); + if (image_info->number_scenes == 0) + string="2147483647"; + else +@@ -2941,6 +2952,7 @@ static const char *GetMagickPropertyLetter(const ImageInfo *image_info, + /* + Zero filename. + */ ++ WarnNoImageInfoReturn("\"%%%c\"",letter); + string=image_info->zero; + break; + } +-- +1.8.3.1 + diff --git a/CVE-2020-27759.patch b/CVE-2020-27759.patch new file mode 100644 index 0000000000000000000000000000000000000000..5526548448227bfb6251956e7b37c05718e29c9d --- /dev/null +++ b/CVE-2020-27759.patch @@ -0,0 +1,35 @@ +From 460dea07066e2001bc4671fcd8d53233f0fc29b3 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sat, 5 Oct 2019 09:53:19 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1720 + +--- + magick/quantize.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/magick/quantize.c b/magick/quantize.c +index d4c841b68..fb0646661 100644 +--- a/magick/quantize.c ++++ b/magick/quantize.c +@@ -3212,16 +3212,17 @@ extern "C" { + + static int IntensityCompare(const void *x,const void *y) + { +- double +- intensity; +- + PixelPacket + *color_1, + *color_2; + ++ ssize_t ++ intensity; ++ + color_1=(PixelPacket *) x; + color_2=(PixelPacket *) y; +- intensity=PixelPacketIntensity(color_1)-PixelPacketIntensity(color_2); ++ intensity=(ssize_t) (PixelPacketIntensity(color_1)- ++ PixelPacketIntensity(color_2)); + return((int) intensity); + } + diff --git a/CVE-2020-27760.patch b/CVE-2020-27760.patch new file mode 100644 index 0000000000000000000000000000000000000000..6d2bb7ac71f08f4b66275aab17ece203b680f4ec --- /dev/null +++ b/CVE-2020-27760.patch @@ -0,0 +1,86 @@ +From 83cd04f580ccf4cc194813777c1fcfba78e602aa Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Fri, 4 Oct 2019 18:04:09 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1717 + +--- + magick/enhance.c | 27 ++++++++++++++------------- + 1 file changed, 14 insertions(+), 13 deletions(-) + +diff --git a/magick/enhance.c b/magick/enhance.c +index a100cf8b7..614269e3a 100644 +--- a/magick/enhance.c ++++ b/magick/enhance.c +@@ -2207,7 +2207,8 @@ MagickExport MagickBooleanType GammaImageChannel(Image *image, + if (gamma != 0.0) + for (i=0; i <= (ssize_t) MaxMap; i++) + gamma_map[i]=ClampToQuantum((MagickRealType) ScaleMapToQuantum(( +- MagickRealType) (MaxMap*pow((double) i/MaxMap,1.0/gamma)))); ++ MagickRealType) (MaxMap*pow((double) i/MaxMap, ++ PerceptibleReciprocal(gamma))))); + if (image->storage_class == PseudoClass) + { + /* +@@ -2238,18 +2239,18 @@ MagickExport MagickBooleanType GammaImageChannel(Image *image, + #else + if ((channel & RedChannel) != 0) + image->colormap[i].red=QuantumRange*gamma_pow(QuantumScale* +- image->colormap[i].red,1.0/gamma); ++ image->colormap[i].red,PerceptibleReciprocal(gamma)); + if ((channel & GreenChannel) != 0) + image->colormap[i].green=QuantumRange*gamma_pow(QuantumScale* +- image->colormap[i].green,1.0/gamma); ++ image->colormap[i].green,PerceptibleReciprocal(gamma)); + if ((channel & BlueChannel) != 0) + image->colormap[i].blue=QuantumRange*gamma_pow(QuantumScale* +- image->colormap[i].blue,1.0/gamma); ++ image->colormap[i].blue,PerceptibleReciprocal(gamma)); + if ((channel & OpacityChannel) != 0) + { + if (image->matte == MagickFalse) + image->colormap[i].opacity=QuantumRange*gamma_pow(QuantumScale* +- image->colormap[i].opacity,1.0/gamma); ++ image->colormap[i].opacity,PerceptibleReciprocal(gamma)); + else + image->colormap[i].opacity=QuantumRange-QuantumRange*gamma_pow( + QuantumScale*(QuantumRange-image->colormap[i].opacity),1.0/ +@@ -2319,31 +2320,31 @@ MagickExport MagickBooleanType GammaImageChannel(Image *image, + if ((channel & SyncChannels) != 0) + { + SetPixelRed(q,QuantumRange*gamma_pow(QuantumScale*GetPixelRed(q), +- 1.0/gamma)); ++ PerceptibleReciprocal(gamma))); + SetPixelGreen(q,QuantumRange*gamma_pow(QuantumScale*GetPixelGreen(q), +- 1.0/gamma)); ++ PerceptibleReciprocal(gamma))); + SetPixelBlue(q,QuantumRange*gamma_pow(QuantumScale*GetPixelBlue(q), +- 1.0/gamma)); ++ PerceptibleReciprocal(gamma))); + } + else + { + if ((channel & RedChannel) != 0) + SetPixelRed(q,QuantumRange*gamma_pow(QuantumScale*GetPixelRed(q), +- 1.0/gamma)); ++ PerceptibleReciprocal(gamma))); + if ((channel & GreenChannel) != 0) + SetPixelGreen(q,QuantumRange*gamma_pow(QuantumScale* +- GetPixelGreen(q),1.0/gamma)); ++ GetPixelGreen(q),PerceptibleReciprocal(gamma))); + if ((channel & BlueChannel) != 0) + SetPixelBlue(q,QuantumRange*gamma_pow(QuantumScale*GetPixelBlue(q), +- 1.0/gamma)); ++ PerceptibleReciprocal(gamma))); + if ((channel & OpacityChannel) != 0) + { + if (image->matte == MagickFalse) + SetPixelOpacity(q,QuantumRange*gamma_pow(QuantumScale* +- GetPixelOpacity(q),1.0/gamma)); ++ GetPixelOpacity(q),PerceptibleReciprocal(gamma))); + else + SetPixelAlpha(q,QuantumRange*gamma_pow(QuantumScale* +- GetPixelAlpha(q),1.0/gamma)); ++ GetPixelAlpha(q),PerceptibleReciprocal(gamma))); + } + } + #endif diff --git a/CVE-2020-27761.patch b/CVE-2020-27761.patch new file mode 100644 index 0000000000000000000000000000000000000000..9ba4e7ac233911670c417b253f1da1420c6dd6fa --- /dev/null +++ b/CVE-2020-27761.patch @@ -0,0 +1,28 @@ +From 14c90fb315eb3666a4cf6d784cbde74c69c934ec Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Mon, 7 Oct 2019 18:13:37 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1726 + +--- + coders/palm.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/coders/palm.c b/coders/palm.c +index 4cd5522a4..a3eae1d82 100644 +--- a/coders/palm.c ++++ b/coders/palm.c +@@ -908,10 +908,10 @@ static MagickBooleanType WritePALMImage(const ImageInfo *image_info, + { + for (x=0; x < (ssize_t) image->columns; x++) + { +- color16=(unsigned short) ((((31*(size_t) GetPixelRed(p))/ +- (size_t) QuantumRange) << 11) | +- (((63*(size_t) GetPixelGreen(p))/(size_t) QuantumRange) << 5) | +- ((31*(size_t) GetPixelBlue(p))/(size_t) QuantumRange)); ++ color16=(unsigned short) ((((31*(ssize_t) GetPixelRed(p))/ ++ (ssize_t) QuantumRange) << 11) | ++ (((63*(ssize_t) GetPixelGreen(p))/(ssize_t) QuantumRange) << 5) | ++ ((31*(ssize_t) GetPixelBlue(p))/(ssize_t) QuantumRange)); + if (GetPixelOpacity(p) == (Quantum) TransparentOpacity) + { + transpix.red=GetPixelRed(p); diff --git a/CVE-2020-27762.patch b/CVE-2020-27762.patch new file mode 100644 index 0000000000000000000000000000000000000000..8508cab0a73e40bd0cb993a5b84d45f369589151 --- /dev/null +++ b/CVE-2020-27762.patch @@ -0,0 +1,29 @@ +From 3e10f7c3c9f0394dfd6ebd372bc34a172dabc8ff Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Thu, 3 Oct 2019 18:24:44 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1713 + +--- + coders/hdr.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/coders/hdr.c b/coders/hdr.c +index ab02f8e52..77e3c6336 100644 +--- a/coders/hdr.c ++++ b/coders/hdr.c +@@ -786,9 +786,12 @@ static MagickBooleanType WriteHDRImage(const ImageInfo *image_info,Image *image) + exponent; + + gamma=frexp(gamma,&exponent)*256.0/gamma; +- pixel[0]=(unsigned char) (gamma*QuantumScale*GetPixelRed(p)); +- pixel[1]=(unsigned char) (gamma*QuantumScale*GetPixelGreen(p)); +- pixel[2]=(unsigned char) (gamma*QuantumScale*GetPixelBlue(p)); ++ if (GetPixelRed(p) > 0) ++ pixel[0]=(unsigned char) (gamma*QuantumScale*GetPixelRed(p)); ++ if (GetPixelGreen(p) > 0) ++ pixel[1]=(unsigned char) (gamma*QuantumScale*GetPixelGreen(p)); ++ if (GetPixelBlue(p) > 0) ++ pixel[2]=(unsigned char) (gamma*QuantumScale*GetPixelBlue(p)); + pixel[3]=(unsigned char) (exponent+128); + } + if ((image->columns >= 8) && (image->columns <= 0x7ffff)) diff --git a/CVE-2020-27764.patch b/CVE-2020-27764.patch new file mode 100644 index 0000000000000000000000000000000000000000..57e9805bfd20f5cce691f80b1a3ac9c90431e47d --- /dev/null +++ b/CVE-2020-27764.patch @@ -0,0 +1,58 @@ +From 3e21bc8a58b4ae38d24c7e283837cc279f35b6a5 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Wed, 9 Oct 2019 18:44:16 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1735 + +--- + magick/statistic.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/magick/statistic.c b/magick/statistic.c +index 7bc816360..87a9a42f4 100644 +--- a/magick/statistic.c ++++ b/magick/statistic.c +@@ -259,7 +259,7 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case AndEvaluateOperator: + { +- result=(MagickRealType) ((size_t) pixel & (size_t) (value+0.5)); ++ result=(MagickRealType) ((ssize_t) pixel & (ssize_t) (value+0.5)); + break; + } + case CosineEvaluateOperator: +@@ -299,7 +299,7 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case LeftShiftEvaluateOperator: + { +- result=(MagickRealType) ((size_t) pixel << (size_t) (value+0.5)); ++ result=(MagickRealType) ((ssize_t) pixel << (ssize_t) (value+0.5)); + break; + } + case LogEvaluateOperator: +@@ -342,7 +342,7 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case OrEvaluateOperator: + { +- result=(MagickRealType) ((size_t) pixel | (size_t) (value+0.5)); ++ result=(MagickRealType) ((ssize_t) pixel | (ssize_t) (value+0.5)); + break; + } + case PoissonNoiseEvaluateOperator: +@@ -359,7 +359,7 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case RightShiftEvaluateOperator: + { +- result=(MagickRealType) ((size_t) pixel >> (size_t) (value+0.5)); ++ result=(MagickRealType) ((ssize_t) pixel >> (ssize_t) (value+0.5)); + break; + } + case RootMeanSquareEvaluateOperator: +@@ -413,7 +413,7 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case XorEvaluateOperator: + { +- result=(MagickRealType) ((size_t) pixel ^ (size_t) (value+0.5)); ++ result=(MagickRealType) ((ssize_t) pixel ^ (ssize_t) (value+0.5)); + break; + } + } diff --git a/CVE-2020-27765.patch b/CVE-2020-27765.patch new file mode 100644 index 0000000000000000000000000000000000000000..25a7707a3a6c80c7ccebe22e8e3c15045c58d47c --- /dev/null +++ b/CVE-2020-27765.patch @@ -0,0 +1,22 @@ +From 4321934be544bc2888c6799fd6b50d8188a3d832 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Tue, 8 Oct 2019 17:27:35 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1730 + +--- + magick/segment.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/magick/segment.c b/magick/segment.c +index 8f03c22ef..46fae277f 100644 +--- a/magick/segment.c ++++ b/magick/segment.c +@@ -1696,7 +1696,7 @@ static MagickRealType OptimalTau(const ssize_t *histogram,const double max_tau, + average_tau=0.0; + for (i=0; i < number_nodes; i++) + average_tau+=list[i]->tau; +- average_tau/=(MagickRealType) number_nodes; ++ average_tau*=PerceptibleReciprocal((MagickRealType) number_nodes); + /* + Relinquish resources. + */ diff --git a/CVE-2020-27766.patch b/CVE-2020-27766.patch new file mode 100644 index 0000000000000000000000000000000000000000..1c3fbdf4c7fdce2d2294ecbadf8636dad262ade9 --- /dev/null +++ b/CVE-2020-27766.patch @@ -0,0 +1,45 @@ +From 052175e4b190598141fbcc64641cd5ee4db3602d Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Thu, 10 Oct 2019 20:40:18 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1743 + +--- + magick/statistic.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/magick/statistic.c b/magick/statistic.c +index 2db7c858f..827d87fa6 100644 +--- a/magick/statistic.c ++++ b/magick/statistic.c +@@ -230,6 +230,9 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + MagickRealType + result; + ++ register ssize_t ++ i; ++ + result=0.0; + switch (op) + { +@@ -299,7 +302,9 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case LeftShiftEvaluateOperator: + { +- result=(MagickRealType) ((ssize_t) pixel << (ssize_t) (value+0.5)); ++ result=(double) pixel; ++ for (i=0; i < (ssize_t) value; i++) ++ result*=2.0; + break; + } + case LogEvaluateOperator: +@@ -359,7 +364,9 @@ static MagickRealType ApplyEvaluateOperator(RandomInfo *random_info, + } + case RightShiftEvaluateOperator: + { +- result=(MagickRealType) ((ssize_t) pixel >> (ssize_t) (value+0.5)); ++ result=(MagickRealType) pixel; ++ for (i=0; i < (ssize_t) value; i++) ++ result/=2.0; + break; + } + case RootMeanSquareEvaluateOperator: diff --git a/CVE-2020-27767.patch b/CVE-2020-27767.patch new file mode 100644 index 0000000000000000000000000000000000000000..cbd74b80a1581ea2761a81a5be498fd9601ff989 --- /dev/null +++ b/CVE-2020-27767.patch @@ -0,0 +1,68 @@ +From c2f66e7fc9189a652f77a021bd047c4146d634d1 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Thu, 10 Oct 2019 21:03:00 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1741 + +--- + magick/quantum.h | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/magick/quantum.h b/magick/quantum.h +index 821680de0..6c05c212a 100644 +--- a/magick/quantum.h ++++ b/magick/quantum.h +@@ -18,6 +18,7 @@ + #ifndef MAGICKCORE_QUANTUM_H + #define MAGICKCORE_QUANTUM_H + ++#include + #include "magick/image.h" + #include "magick/semaphore.h" + +@@ -87,6 +88,10 @@ typedef struct _QuantumInfo + static inline Quantum ClampToQuantum(const MagickRealType value) + { + #if defined(MAGICKCORE_HDRI_SUPPORT) ++ if (value < FLT_MIN) ++ return((Quantum) FLT_MIN); ++ if (value > FLT_MAX) ++ return((Quantum) FLT_MAX); + return((Quantum) value); + #else + if (value <= 0.0f) +@@ -103,7 +108,7 @@ static inline unsigned char ScaleQuantumToChar(const Quantum quantum) + #if !defined(MAGICKCORE_HDRI_SUPPORT) + return((unsigned char) quantum); + #else +- if (quantum <= 0.0) ++ if ((IsNaN(quantum) != MagickFalse) || (quantum <= 0.0)) + return(0); + if (quantum >= 255.0) + return(255); +@@ -116,7 +121,7 @@ static inline unsigned char ScaleQuantumToChar(const Quantum quantum) + #if !defined(MAGICKCORE_HDRI_SUPPORT) + return((unsigned char) (((quantum+128UL)-((quantum+128UL) >> 8)) >> 8)); + #else +- if (quantum <= 0.0) ++ if ((IsNaN(quantum) != MagickFalse) || (quantum <= 0.0)) + return(0); + if ((quantum/257.0) >= 255.0) + return(255); +@@ -130,7 +135,7 @@ static inline unsigned char ScaleQuantumToChar(const Quantum quantum) + return((unsigned char) ((quantum+MagickULLConstant(8421504))/ + MagickULLConstant(16843009))); + #else +- if (quantum <= 0.0) ++ if ((IsNaN(quantum) != MagickFalse) || (quantum <= 0.0)) + return(0); + if ((quantum/16843009.0) >= 255.0) + return(255); +@@ -143,7 +148,7 @@ static inline unsigned char ScaleQuantumToChar(const Quantum quantum) + #if !defined(MAGICKCORE_HDRI_SUPPORT) + return((unsigned char) (quantum/72340172838076673.0+0.5)); + #else +- if (quantum <= 0.0) ++ if ((IsNaN(quantum) != MagickFalse) || (quantum <= 0.0)) + return(0); + if ((quantum/72340172838076673.0) >= 255.0) + return(255); diff --git a/CVE-2020-27770.patch b/CVE-2020-27770.patch new file mode 100644 index 0000000000000000000000000000000000000000..752198831b6f911305a4df013d48ccfb5459ac77 --- /dev/null +++ b/CVE-2020-27770.patch @@ -0,0 +1,33 @@ +From c01495f91ac71c5205f52713430b68e80d851149 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sat, 5 Oct 2019 08:56:29 -0400 +Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1721 + +--- + magick/string.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/magick/string.c b/magick/string.c +index f6f7b9318..1b47f562e 100644 +--- a/magick/string.c ++++ b/magick/string.c +@@ -2534,7 +2534,7 @@ MagickExport MagickBooleanType SubstituteString(char **string, + { + if (search_extent == 0) + search_extent=strlen(search); +- if (strncmp(p,search,search_extent) != 0) ++ if ((*p == *search) && (strncmp(p,search,search_extent) != 0)) + continue; + /* + We found a match. +@@ -2562,7 +2562,9 @@ MagickExport MagickBooleanType SubstituteString(char **string, + (void) memmove(p+replace_extent,p+search_extent, + strlen(p+search_extent)+1); + (void) memcpy(p,replace,replace_extent); +- p+=replace_extent-1; ++ p+=replace_extent; ++ if (replace_extent != 0) ++ p--; + } + return(status); + } diff --git a/ImageMagick.spec b/ImageMagick.spec index 3ab5b99de8499a54484505e085a9b8a1f6744b2d..5b064821eac3c5433824554aeee0e1a24f3d2ec2 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -1,13 +1,23 @@ Name: ImageMagick Epoch: 1 Version: 6.9.10.67 -Release: 8 +Release: 9 Summary: Create, edit, compose, or convert bitmap images License: ImageMagick Url: http://www.imagemagick.org/ Source0: https://mirrors.sohu.com/gentoo/distfiles/db/ImageMagick-6.9.10-67.tar.xz Patch0001: CVE-2019-7397.patch +Patch0002: CVE-2018-16329.patch +Patch0003: CVE-2020-27759.patch +Patch0004: CVE-2020-27760.patch +Patch0005: CVE-2020-27761.patch +Patch0006: CVE-2020-27762.patch +Patch0007: CVE-2020-27764.patch +Patch0008: CVE-2020-27765.patch +Patch0009: CVE-2020-27766.patch +Patch0010: CVE-2020-27767.patch +Patch0011: CVE-2020-27770.patch BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel @@ -165,6 +175,10 @@ rm PerlMagick/demo/Generic.ttf %{_libdir}/pkgconfig/ImageMagick++* %changelog +* Mon Jan 04 2021 wangxiao - 6.9.10.67-9 +- fix CVE-2018-16329 CVE-2020-27759 CVE-2020-27760 CVE-2020-27761 CVE-2020-27762 + CVE-2020-27764 CVE-2020-27765 CVE-2020-27765 CVE-2020-27766 CVE-2020-27767 CVE-2020-27770 + * Thu Nov 05 2020 leiju - 6.9.10.67-8 - Add Requires ImageMagick-help into ImageMagick