From 1786d6a2a645927a4425fb6d5feb09e489c42027 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Thu, 9 Feb 2023 17:02:13 +0800
Subject: [PATCH] Fix CVE-2022-44267 and CVE-2022-44268

(cherry picked from commit abca3bb7478c94d9a9c7c67e087fe45e5f1e4ee9)
---
 CVE-2022-44267_CVE-2022-44268.patch | 22 ++++++++++++++++++++++
 ImageMagick.spec                    |  6 +++++-
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2022-44267_CVE-2022-44268.patch

diff --git a/CVE-2022-44267_CVE-2022-44268.patch b/CVE-2022-44267_CVE-2022-44268.patch
new file mode 100644
index 0000000..be18c01
--- /dev/null
+++ b/CVE-2022-44267_CVE-2022-44268.patch
@@ -0,0 +1,22 @@
+From 05673e63c919e61ffa1107804d1138c46547a475 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Sat, 22 Oct 2022 13:28:46 -0400
+Subject: [PATCH] possible DoS @ stdin (OCE-2022-70); possible arbitrary file
+ leak (OCE-2022-72)
+
+---
+ coders/png.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/coders/png.c b/coders/png.c
+index c83d937c93..4f8c8909bf 100644
+--- a/coders/png.c
++++ b/coders/png.c
+@@ -3980,6 +3980,7 @@ static Image *ReadOnePNGImage(MngInfo *mng_info,
+                 (void) FormatLocaleString(key,MagickPathExtent,"%s",
+                   text[i].key);
+                 if ((LocaleCompare(key,"version") == 0) ||
++                    (LocaleCompare(key,"profile") == 0) ||
+                     (LocaleCompare(key,"width") == 0))
+                   (void) FormatLocaleString(key,MagickPathExtent,"png:%s",
+                     text[i].key);
diff --git a/ImageMagick.spec b/ImageMagick.spec
index e3aef47..1eb5f75 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -1,7 +1,7 @@
 Name:           ImageMagick
 Epoch:          1
 Version:        7.1.0.28
-Release:        5
+Release:        6
 Summary:        Create, edit, compose, or convert bitmap images
 License:        ImageMagick and MIT
 Url:            http://www.imagemagick.org/
@@ -14,6 +14,7 @@ Patch0004: CVE-2022-3213-pre2.patch
 Patch0005: CVE-2022-3213-pre3.patch
 Patch0006: CVE-2022-3213.patch
 Patch0007: CVE-2022-32547.patch
+Patch0008: CVE-2022-44267_CVE-2022-44268.patch
 
 BuildRequires:  bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
 BuildRequires:  libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@@ -168,6 +169,9 @@ rm PerlMagick/demo/Generic.ttf
 %{_libdir}/pkgconfig/ImageMagick*
 
 %changelog
+* Thu Feb 09 2023 yaoxin <yaoxin30@h-partners.com> - 1:7.1.0.28-6
+- Fix CVE-2022-44267 and CVE-2022-44268
+
 * Tue Nov 22 2022 yaoxin <yaoxin30@h-partners.com> - 1:7.1.0.28-5
 - Fix CVE-2022-32547
 
-- 
Gitee